Re: [one-users] clusters in 4.8

[Steven C Timm]

PS--if there are other vm's still launched and running from the time when the 
datastore used to be part of 
a cluster, could that confuse anything?  Do I have to restart oned to clear 
anything up?

Steve Timm


From: Steven C Timm
Sent: Friday, February 13, 2015 5:56 PM
To: Ruben S. Montero
Cc: users@lists.opennebula.org
Subject: RE: [one-users] clusters in 4.8

OK here we go:

VM in question is taking an image from image store 102 (currently in no 
cluster),
vnet 0 "routable private" from cluster 100 "cloud worker"
also a number of hosts, including hosts # 0 and 2, also part of cluster "cloud 
worker"

VM stays pending for ever, hold reason is below.--it is requiring that cluster 
ID has to be 100.

Same image and same datastore and same vnet outside of the cluster, work just 
fine.

Seems like if I require any resource from the cluster, in this case a vnet, 
then all resources
have to be in the cluster.  Am I missing something?

Steve Timm



[root@fclheadgpvm01 one]# onevm show 1054 | more
VIRTUAL MACHINE 1054 INFORMATION
ID  : 1054
NAME: CLI_PRIV_SLF6Vanilla-1054
USER: oneadmin
GROUP   : oneadmin
STATE   : PENDING
LCM_STATE   : LCM_INIT
RESCHED : No
START TIME  : 02/13 17:44:52
END TIME: -
DEPLOY ID   : -

VIRTUAL MACHINE MONITORING
NET_RX  : 0K
USED MEMORY : 0K
USED CPU: 0
NET_TX  : 0K

PERMISSIONS
OWNER   : um-
GROUP   : ---
OTHER   : ---

VM DISKS
 ID TARGET IMAGE   TYPE SAVE SAVE_AS
  0 vdaSLF6Vanilla file   NO   -

VM NICS
 ID NETWORK  VLAN BRIDGE   IP  MAC
  0 routable-private   no br1  10.128.1.9  54:52:00:02:0d:09

USER TEMPLATE
NPTYPE="NPERNLM"
SCHED_MESSAGE="Fri Feb 13 17:46:29 2015 : No system datastore meets SCHED_DS_REQ
UIREMENTS: CLUSTER_ID = 100 & !(PUBLIC_CLOUD = YES)"
SCHED_RANK="FREE_MEM"
SCHED_REQUIREMENTS="HYPERVISOR=\"kvm\" & HOSTNAME=\"cloudworker*\""

VIRTUAL MACHINE TEMPLATE
AUTOMATIC_REQUIREMENTS="CLUSTER_ID = 100 & !(PUBLIC_CLOUD = YES)"
CONTEXT=[
  CTX_USER="PFVTRVI+PElEPjA8L0lEPjxHSUQ+MDwvR0lEPjxHUk9VUFM+PElEPjA8L0lEPjwvR1JP
VVBTPjxHTkFNRT5vbmVhZG1pbjwvR05BTUU+PE5BTUU+b25lYWRtaW48L05BTUU+PFBBU1NXT1JEPi9E
Qz1jb20vREM9RGlnaUNlcnQtR3JpZC9PPU9wZW5cMjBTY2llbmNlXDIwR3JpZC9PVT1TZXJ2aWNlcy9D
Tj1mY2xoZWFkZ3B2bTAxLmZuYWwuZ292PC9QQVNTV09SRD48QVVUSF9EUklWRVI+eDUwOTwvQVVUSF9E
UklWRVI+PEVOQUJMRUQ+MTwvRU5BQkxFRD48VEVNUExBVEU+PFRPS0VOX1BBU1NXT1JEPjwhW0NEQVRB
[root@fclheadgpvm01 one]# onedatastore list
  ID NAMESIZE AVAIL CLUSTER  IMAGES TYPE DS   TM
   0 system0M - - 0 sys  -shared
   1 default21.2G 85%   - 0 img  fs   shared
   2 files  21.2G 85%   - 0 fil  fs   ssh
 100 localnode  - - - 0 sys  -ssh
 102 cloud_images 20T 75%   - 2 img  fs   shared
[root@fclheadgpvm01 one]# onevnet list
  ID USERGROUPNAMECLUSTERBRIDGE   LEASES
   0 oneadminoneadmin routable-privatecloudworke br1   8
   2 oneadminoneadmin DynamicIP   -  br0  13
   3 oneadminoneadmin StaticIP-  br0   0
[root@fclheadgpvm01 one]# onehost list | more
  ID NAMECLUSTER   RVM  ALLOCATED_CPU  ALLOCATED_MEM STAT
   0 cloudworker1200 cloudwork   4400 / 800 (50%) 7.4G / 15.6G (47%) on
   1 cloudworker1201 cloudwork   0  -  - off
   2 cloudworker1202 cloudwork   0   0 / 800 (0%)0K / 15.6G (0%) on

From: Ruben S. Montero [rsmont...@opennebula.org]
Sent: Friday, February 13, 2015 4:49 PM
To: Steven C Timm
Cc: users@lists.opennebula.org
Subject: Re: [one-users] clusters in 4.8

Yes, you can do:

Cluster A: Host_A0, Host_A1...  + VNET_A0, VNET_A1...
Cluster B: HostB0, HostB1... + VNET_B0, VNET_B1...
Cluster Default: DS, DS_System

Then a VM that uses VNET_A0 + DS would be scheduled to Cluster A. Note
that using VNET_A0 constrain resources from Cluster A + Cluster
Default.

Cheers

Ruben

On Fri, Feb 13, 2015 at 10:42 PM, Steven C Timm  wrote:
> I know if I just take the vnet and the datastore out of the cluster, and have 
> no clusters at all,  then everything
> will work.. I was hoping to have a cluster structure of (host,vnet) pairings 
> that could
> all share a common data store.  However from the documentation, it looks like 
> if
> your template requests any resource that is part of a cluster (vnet or image 
> from datastore)
> then the scheduler will constrain you to resources that are part of that same 
> cluster.
>
> Is that correct?
>
> Steve Timm
>
> 

Re: [one-users] clusters in 4.8

[Steven C Timm]

One more followup:

host 156 + vnet2 + ds 100/102, all outside the cluster, no problem
host 156 + vnet2 + ds100/102, all in the cluster, no problem

host 156 and vnet2 in the cluster, DS outside of the cluster, problem.
SCHED_MESSAGE="Fri Feb 13 18:06:29 2015 : No system datastore meets 
SCHED_DS_REQUIREMENTS: CLUSTER_ID = 101 & !(PUBLIC_CLOUD = YES)"

host 156 in the cluster, vnet2 and DS out of the cluster
No error message but it never matches either.

Fri Feb 13 18:24:29 2015 [Z0][HOST][D]: Discovered Hosts (enabled):
 0 2 156
Fri Feb 13 18:24:29 2015 [Z0][SCHED][D]: VM 1058: Host 0 filtered out. It does 
not fulfill SCHED_REQUIREMENTS.
Fri Feb 13 18:24:29 2015 [Z0][SCHED][D]: VM 1058: Host 2 filtered out. It does 
not fulfill SCHED_REQUIREMENTS.
Fri Feb 13 18:24:29 2015 [Z0][SCHED][I]: Scheduling Results:
Virtual Machine: 1058

PRI ID - HOSTS

1   156

PRI ID - DATASTORES

0   100
0   0


Fri Feb 13 18:24:29 2015 [Z0][SCHED][I]: VM 1058: No suitable System DS found 
for Host: 156. Filtering out host.

Steve Timm




From: Steven C Timm
Sent: Friday, February 13, 2015 6:01 PM
To: Ruben S. Montero
Cc: users@lists.opennebula.org
Subject: RE: [one-users] clusters in 4.8

PS--if there are other vm's still launched and running from the time when the 
datastore used to be part of
a cluster, could that confuse anything?  Do I have to restart oned to clear 
anything up?

Steve Timm


From: Steven C Timm
Sent: Friday, February 13, 2015 5:56 PM
To: Ruben S. Montero
Cc: users@lists.opennebula.org
Subject: RE: [one-users] clusters in 4.8

OK here we go:

VM in question is taking an image from image store 102 (currently in no 
cluster),
vnet 0 "routable private" from cluster 100 "cloud worker"
also a number of hosts, including hosts # 0 and 2, also part of cluster "cloud 
worker"

VM stays pending for ever, hold reason is below.--it is requiring that cluster 
ID has to be 100.

Same image and same datastore and same vnet outside of the cluster, work just 
fine.

Seems like if I require any resource from the cluster, in this case a vnet, 
then all resources
have to be in the cluster.  Am I missing something?

Steve Timm



[root@fclheadgpvm01 one]# onevm show 1054 | more
VIRTUAL MACHINE 1054 INFORMATION
ID  : 1054
NAME: CLI_PRIV_SLF6Vanilla-1054
USER: oneadmin
GROUP   : oneadmin
STATE   : PENDING
LCM_STATE   : LCM_INIT
RESCHED : No
START TIME  : 02/13 17:44:52
END TIME: -
DEPLOY ID   : -

VIRTUAL MACHINE MONITORING
NET_RX  : 0K
USED MEMORY : 0K
USED CPU: 0
NET_TX  : 0K

PERMISSIONS
OWNER   : um-
GROUP   : ---
OTHER   : ---

VM DISKS
 ID TARGET IMAGE   TYPE SAVE SAVE_AS
  0 vdaSLF6Vanilla file   NO   -

VM NICS
 ID NETWORK  VLAN BRIDGE   IP  MAC
  0 routable-private   no br1  10.128.1.9  54:52:00:02:0d:09

USER TEMPLATE
NPTYPE="NPERNLM"
SCHED_MESSAGE="Fri Feb 13 17:46:29 2015 : No system datastore meets SCHED_DS_REQ
UIREMENTS: CLUSTER_ID = 100 & !(PUBLIC_CLOUD = YES)"
SCHED_RANK="FREE_MEM"
SCHED_REQUIREMENTS="HYPERVISOR=\"kvm\" & HOSTNAME=\"cloudworker*\""

VIRTUAL MACHINE TEMPLATE
AUTOMATIC_REQUIREMENTS="CLUSTER_ID = 100 & !(PUBLIC_CLOUD = YES)"
CONTEXT=[
  CTX_USER="PFVTRVI+PElEPjA8L0lEPjxHSUQ+MDwvR0lEPjxHUk9VUFM+PElEPjA8L0lEPjwvR1JP
VVBTPjxHTkFNRT5vbmVhZG1pbjwvR05BTUU+PE5BTUU+b25lYWRtaW48L05BTUU+PFBBU1NXT1JEPi9E
Qz1jb20vREM9RGlnaUNlcnQtR3JpZC9PPU9wZW5cMjBTY2llbmNlXDIwR3JpZC9PVT1TZXJ2aWNlcy9D
Tj1mY2xoZWFkZ3B2bTAxLmZuYWwuZ292PC9QQVNTV09SRD48QVVUSF9EUklWRVI+eDUwOTwvQVVUSF9E
UklWRVI+PEVOQUJMRUQ+MTwvRU5BQkxFRD48VEVNUExBVEU+PFRPS0VOX1BBU1NXT1JEPjwhW0NEQVRB
[root@fclheadgpvm01 one]# onedatastore list
  ID NAMESIZE AVAIL CLUSTER  IMAGES TYPE DS   TM
   0 system0M - - 0 sys  -shared
   1 default21.2G 85%   - 0 img  fs   shared
   2 files  21.2G 85%   - 0 fil  fs   ssh
 100 localnode  - - - 0 sys  -ssh
 102 cloud_images 20T 75%   - 2 img  fs   shared
[root@fclheadgpvm01 one]# onevnet list
  ID USERGROUPNAMECLUSTERBRIDGE   LEASES
   0 oneadminoneadmin routable-privatecloudworke br1   8
   2 oneadminoneadmin DynamicIP   -  br0  13
   3 oneadminoneadmin StaticIP-  br0   0
[root@fclheadgpvm01 one]# onehost list | more
  ID NAMECLUSTER   RVM  ALLOCATED_CPU  ALLOCATED_MEM STAT
  

Re: [one-users] clusters in 4.8

[Steven C Timm]

OK here we go:

VM in question is taking an image from image store 102 (currently in no 
cluster),
vnet 0 "routable private" from cluster 100 "cloud worker"
also a number of hosts, including hosts # 0 and 2, also part of cluster "cloud 
worker"

VM stays pending for ever, hold reason is below.--it is requiring that cluster 
ID has to be 100.

Same image and same datastore and same vnet outside of the cluster, work just 
fine.

Seems like if I require any resource from the cluster, in this case a vnet, 
then all resources
have to be in the cluster.  Am I missing something?

Steve Timm



[root@fclheadgpvm01 one]# onevm show 1054 | more
VIRTUAL MACHINE 1054 INFORMATION
ID  : 1054
NAME: CLI_PRIV_SLF6Vanilla-1054
USER: oneadmin
GROUP   : oneadmin
STATE   : PENDING 
LCM_STATE   : LCM_INIT
RESCHED : No  
START TIME  : 02/13 17:44:52  
END TIME: -   
DEPLOY ID   : -   

VIRTUAL MACHINE MONITORING  
NET_RX  : 0K  
USED MEMORY : 0K  
USED CPU: 0   
NET_TX  : 0K  

PERMISSIONS 
OWNER   : um- 
GROUP   : --- 
OTHER   : --- 

VM DISKS
 ID TARGET IMAGE   TYPE SAVE SAVE_AS
  0 vdaSLF6Vanilla file   NO   -

VM NICS 
 ID NETWORK  VLAN BRIDGE   IP  MAC  
  0 routable-private   no br1  10.128.1.9  54:52:00:02:0d:09

USER TEMPLATE   
NPTYPE="NPERNLM"
SCHED_MESSAGE="Fri Feb 13 17:46:29 2015 : No system datastore meets SCHED_DS_REQ
UIREMENTS: CLUSTER_ID = 100 & !(PUBLIC_CLOUD = YES)"
SCHED_RANK="FREE_MEM"
SCHED_REQUIREMENTS="HYPERVISOR=\"kvm\" & HOSTNAME=\"cloudworker*\""

VIRTUAL MACHINE TEMPLATE
AUTOMATIC_REQUIREMENTS="CLUSTER_ID = 100 & !(PUBLIC_CLOUD = YES)"
CONTEXT=[
  CTX_USER="PFVTRVI+PElEPjA8L0lEPjxHSUQ+MDwvR0lEPjxHUk9VUFM+PElEPjA8L0lEPjwvR1JP
VVBTPjxHTkFNRT5vbmVhZG1pbjwvR05BTUU+PE5BTUU+b25lYWRtaW48L05BTUU+PFBBU1NXT1JEPi9E
Qz1jb20vREM9RGlnaUNlcnQtR3JpZC9PPU9wZW5cMjBTY2llbmNlXDIwR3JpZC9PVT1TZXJ2aWNlcy9D
Tj1mY2xoZWFkZ3B2bTAxLmZuYWwuZ292PC9QQVNTV09SRD48QVVUSF9EUklWRVI+eDUwOTwvQVVUSF9E
UklWRVI+PEVOQUJMRUQ+MTwvRU5BQkxFRD48VEVNUExBVEU+PFRPS0VOX1BBU1NXT1JEPjwhW0NEQVRB
[root@fclheadgpvm01 one]# onedatastore list
  ID NAMESIZE AVAIL CLUSTER  IMAGES TYPE DS   TM  
   0 system0M - - 0 sys  -shared
   1 default21.2G 85%   - 0 img  fs   shared
   2 files  21.2G 85%   - 0 fil  fs   ssh
 100 localnode  - - - 0 sys  -ssh
 102 cloud_images 20T 75%   - 2 img  fs   shared
[root@fclheadgpvm01 one]# onevnet list
  ID USERGROUPNAMECLUSTERBRIDGE   LEASES
   0 oneadminoneadmin routable-privatecloudworke br1   8
   2 oneadminoneadmin DynamicIP   -  br0  13
   3 oneadminoneadmin StaticIP-  br0   0
[root@fclheadgpvm01 one]# onehost list | more
  ID NAMECLUSTER   RVM  ALLOCATED_CPU  ALLOCATED_MEM STAT  
   0 cloudworker1200 cloudwork   4400 / 800 (50%) 7.4G / 15.6G (47%) on
   1 cloudworker1201 cloudwork   0  -  - off
   2 cloudworker1202 cloudwork   0   0 / 800 (0%)0K / 15.6G (0%) on

From: Ruben S. Montero [rsmont...@opennebula.org]
Sent: Friday, February 13, 2015 4:49 PM
To: Steven C Timm
Cc: users@lists.opennebula.org
Subject: Re: [one-users] clusters in 4.8

Yes, you can do:

Cluster A: Host_A0, Host_A1...  + VNET_A0, VNET_A1...
Cluster B: HostB0, HostB1... + VNET_B0, VNET_B1...
Cluster Default: DS, DS_System

Then a VM that uses VNET_A0 + DS would be scheduled to Cluster A. Note
that using VNET_A0 constrain resources from Cluster A + Cluster
Default.

Cheers

Ruben

On Fri, Feb 13, 2015 at 10:42 PM, Steven C Timm  wrote:
> I know if I just take the vnet and the datastore out of the cluster, and have 
> no clusters at all,  then everything
> will work.. I was hoping to have a cluster structure of (host,vnet) pairings 
> that could
> all share a c

Re: [one-users] clusters in 4.8

[Ruben S. Montero]

Yes, you can do:

Cluster A: Host_A0, Host_A1...  + VNET_A0, VNET_A1...
Cluster B: HostB0, HostB1... + VNET_B0, VNET_B1...
Cluster Default: DS, DS_System

Then a VM that uses VNET_A0 + DS would be scheduled to Cluster A. Note
that using VNET_A0 constrain resources from Cluster A + Cluster
Default.

Cheers

Ruben

On Fri, Feb 13, 2015 at 10:42 PM, Steven C Timm  wrote:
> I know if I just take the vnet and the datastore out of the cluster, and have 
> no clusters at all,  then everything
> will work.. I was hoping to have a cluster structure of (host,vnet) pairings 
> that could
> all share a common data store.  However from the documentation, it looks like 
> if
> your template requests any resource that is part of a cluster (vnet or image 
> from datastore)
> then the scheduler will constrain you to resources that are part of that same 
> cluster.
>
> Is that correct?
>
> Steve Timm
>
> 
> From: Ruben S. Montero [rsmont...@opennebula.org]
> Sent: Friday, February 13, 2015 3:11 PM
> To: Steven C Timm
> Cc: users@lists.opennebula.org
> Subject: Re: [one-users] clusters in 4.8
>
> Hi
>
> If both clusters has access to the same datastores, just move them out
> of the first cluster. When a datastore or network is not assigned to
> any cluster (cluster default) OpenNebula assumes it can be used with
> any host (no matter in which cluster is set).
>
> BTW, although you do not needed for your use case, 4.12 will come with
> extended VDC support to create complex provision scenarios. Basically
> you can define generic "resource providers" that aggregate any
> resource (cluster, host, network, datastores)  more here
> http://opennebula.org/4-12-features-virtual-data-center-redesign/
>
> Cheers
>
> On Fri, Feb 13, 2015 at 6:37 PM, Steven Timm  wrote:
>>
>> I have had my one4.8 host up for a while with a single cluster
>> that has 150 hosts, one vnet, and a system and image datastore.
>>
>> I am now adding hosts from a different vnet.
>> want to make second host + vnet cluster but still use
>> the same system and image data stores.
>>
>> What's the right way to do that.. just remove the datastores
>> from the first cluster... they can't be in more than one
>> cluster at a time, can they?
>>
>>
>> Thanks for any suggestions.
>>
>> Steve Timm
>>
>>
>> --
>> Steven C. Timm, Ph.D  (630) 840-8525
>> t...@fnal.gov  http://home.fnal.gov/~timm/
>> Office:  Wilson Hall room 804
>> Fermilab Scientific Computing Division,
>> Scientific Computing Facilities Quadrant.,
>> Experimental Computing Facilities Dept.,
>> Project Lead for Virtual Facility Project.
>>
>>
>> ___
>> Users mailing list
>> Users@lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
> --
> Ruben S. Montero, PhD
> Project co-Lead and Chief Architect
> OpenNebula - Flexible Enterprise Cloud Made Simple
> www.OpenNebula.org | rsmont...@opennebula.org | @OpenNebula



-- 
Ruben S. Montero, PhD
Project co-Lead and Chief Architect
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | rsmont...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] clusters in 4.8

[Steven C Timm]

I know if I just take the vnet and the datastore out of the cluster, and have 
no clusters at all,  then everything
will work.. I was hoping to have a cluster structure of (host,vnet) pairings 
that could
all share a common data store.  However from the documentation, it looks like 
if 
your template requests any resource that is part of a cluster (vnet or image 
from datastore)
then the scheduler will constrain you to resources that are part of that same 
cluster.

Is that correct?

Steve Timm


From: Ruben S. Montero [rsmont...@opennebula.org]
Sent: Friday, February 13, 2015 3:11 PM
To: Steven C Timm
Cc: users@lists.opennebula.org
Subject: Re: [one-users] clusters in 4.8

Hi

If both clusters has access to the same datastores, just move them out
of the first cluster. When a datastore or network is not assigned to
any cluster (cluster default) OpenNebula assumes it can be used with
any host (no matter in which cluster is set).

BTW, although you do not needed for your use case, 4.12 will come with
extended VDC support to create complex provision scenarios. Basically
you can define generic "resource providers" that aggregate any
resource (cluster, host, network, datastores)  more here
http://opennebula.org/4-12-features-virtual-data-center-redesign/

Cheers

On Fri, Feb 13, 2015 at 6:37 PM, Steven Timm  wrote:
>
> I have had my one4.8 host up for a while with a single cluster
> that has 150 hosts, one vnet, and a system and image datastore.
>
> I am now adding hosts from a different vnet.
> want to make second host + vnet cluster but still use
> the same system and image data stores.
>
> What's the right way to do that.. just remove the datastores
> from the first cluster... they can't be in more than one
> cluster at a time, can they?
>
>
> Thanks for any suggestions.
>
> Steve Timm
>
>
> --
> Steven C. Timm, Ph.D  (630) 840-8525
> t...@fnal.gov  http://home.fnal.gov/~timm/
> Office:  Wilson Hall room 804
> Fermilab Scientific Computing Division,
> Scientific Computing Facilities Quadrant.,
> Experimental Computing Facilities Dept.,
> Project Lead for Virtual Facility Project.
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org



--
Ruben S. Montero, PhD
Project co-Lead and Chief Architect
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | rsmont...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] clusters in 4.8

[Ruben S. Montero]

Hi

If both clusters has access to the same datastores, just move them out
of the first cluster. When a datastore or network is not assigned to
any cluster (cluster default) OpenNebula assumes it can be used with
any host (no matter in which cluster is set).

BTW, although you do not needed for your use case, 4.12 will come with
extended VDC support to create complex provision scenarios. Basically
you can define generic "resource providers" that aggregate any
resource (cluster, host, network, datastores)  more here
http://opennebula.org/4-12-features-virtual-data-center-redesign/

Cheers

On Fri, Feb 13, 2015 at 6:37 PM, Steven Timm  wrote:
>
> I have had my one4.8 host up for a while with a single cluster
> that has 150 hosts, one vnet, and a system and image datastore.
>
> I am now adding hosts from a different vnet.
> want to make second host + vnet cluster but still use
> the same system and image data stores.
>
> What's the right way to do that.. just remove the datastores
> from the first cluster... they can't be in more than one
> cluster at a time, can they?
>
>
> Thanks for any suggestions.
>
> Steve Timm
>
>
> --
> Steven C. Timm, Ph.D  (630) 840-8525
> t...@fnal.gov  http://home.fnal.gov/~timm/
> Office:  Wilson Hall room 804
> Fermilab Scientific Computing Division,
> Scientific Computing Facilities Quadrant.,
> Experimental Computing Facilities Dept.,
> Project Lead for Virtual Facility Project.
>
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org



-- 
Ruben S. Montero, PhD
Project co-Lead and Chief Architect
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | rsmont...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] clusters in 4.8

[Steven Timm]

I have had my one4.8 host up for a while with a single cluster
that has 150 hosts, one vnet, and a system and image datastore.

I am now adding hosts from a different vnet.
want to make second host + vnet cluster but still use
the same system and image data stores.

What's the right way to do that.. just remove the datastores
from the first cluster... they can't be in more than one
cluster at a time, can they?


Thanks for any suggestions.

Steve Timm


--
Steven C. Timm, Ph.D  (630) 840-8525
t...@fnal.gov  http://home.fnal.gov/~timm/
Office:  Wilson Hall room 804
Fermilab Scientific Computing Division,
Scientific Computing Facilities Quadrant.,
Experimental Computing Facilities Dept.,
Project Lead for Virtual Facility Project.


___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] What are the causes let OpenNebula "thinks" VM is "POWEROFF" and how to recover?

[Ruben S. Montero]

Hi

This problem is as described by Ondra becasue of a kind of race condition
between the boot process and the monitor probes. You may or may not see it
depending on timing network and the like.

OpenNebula 4.10.2 includes some logic to deal with this and also to recover
automatically the VM when its again monitored. What version are you running?

Ruben

On Fri Feb 13 2015 at 3:51:40 PM Hamada, Ondrej 
wrote:

>  Hi,
>
> I would suspect this to happen when the probe times out somehow (due to
> the network issues etc.) or simply it cannot detect the VM at the moment.
> Does the VM remain in ‘poweroff’ state forever or does it become ‘running’
> again after some time?
>
>
>
> Ondra
>
>
>
> *From:* Users [mailto:users-boun...@lists.opennebula.org] *On Behalf Of *Liu,
> Gene
> *Sent:* Friday, February 13, 2015 3:34 PM
> *To:* users@lists.opennebula.org
> *Subject:* [one-users] What are the causes let OpenNebula "thinks" VM is
> "POWEROFF" and how to recover?
>
>
>
> Hi Everyone,
>
> Anyone had ever encounter an issue about VM stat changes to "POWEROFF" a
> few minutes (2 ~ 3 minutes) after "RUNNING"?
>
> The actual problem is that the "POWEROFF" stat is incorrect as the VM is
> actually running on the computing node. If you try to "boot" it back, it
> will failed as that instance is already running on the same computing node.
>
> Is it a bug of OpenNebula? Any suggestions to get it recovered?
>
> Thanks,
>
> Gene
>
> * VM log 
> Thu Feb 12 14:46:36 2015 [Z0][DiM][I]: New VM state is ACTIVE.
> Thu Feb 12 14:46:37 2015 [Z0][LCM][I]: New VM state is PROLOG.
> Thu Feb 12 14:49:43 2015 [Z0][LCM][I]: New VM state is BOOT
> Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: Generating deployment file:
> /var/lib/one/vms/42922/deployment.0
> Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: ExitCode: 0
> Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: Successfully execute network driver
> operation: pre.
> Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: ExitCode: 0
> Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: Successfully execute virtualization
> driver operation: deploy.
> Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: ExitCode: 0
> Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: Successfully execute network driver
> operation: post.
> Thu Feb 12 14:49:46 2015 [Z0][LCM][I]: New VM state is RUNNING
> Thu Feb 12 14:51:48 2015 [Z0][DiM][I]: New VM state is POWEROFF
>  --
>
> This e-mail and any attachment is for authorised use by the intended
> recipient(s) only. It may contain proprietary material, confidential
> information and/or be subject to legal privilege. It should not be copied,
> disclosed to, retained or used by, any other party. If you are not an
> intended recipient then please promptly delete this e-mail and any
> attachment and all copies and inform the sender. Thank you for
> understanding.
>  ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] What are the causes let OpenNebula "thinks" VM is "POWEROFF" and how to recover?

[Hamada, Ondrej]

Hi,
I would suspect this to happen when the probe times out somehow (due to the 
network issues etc.) or simply it cannot detect the VM at the moment. Does the 
VM remain in 'poweroff' state forever or does it become 'running' again after 
some time?

Ondra

From: Users [mailto:users-boun...@lists.opennebula.org] On Behalf Of Liu, Gene
Sent: Friday, February 13, 2015 3:34 PM
To: users@lists.opennebula.org
Subject: [one-users] What are the causes let OpenNebula "thinks" VM is 
"POWEROFF" and how to recover?

Hi Everyone,

Anyone had ever encounter an issue about VM stat changes to "POWEROFF" a few 
minutes (2 ~ 3 minutes) after "RUNNING"?

The actual problem is that the "POWEROFF" stat is incorrect as the VM is 
actually running on the computing node. If you try to "boot" it back, it will 
failed as that instance is already running on the same computing node.

Is it a bug of OpenNebula? Any suggestions to get it recovered?

Thanks,

Gene

* VM log 
Thu Feb 12 14:46:36 2015 [Z0][DiM][I]: New VM state is ACTIVE.
Thu Feb 12 14:46:37 2015 [Z0][LCM][I]: New VM state is PROLOG.
Thu Feb 12 14:49:43 2015 [Z0][LCM][I]: New VM state is BOOT
Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: Generating deployment file: 
/var/lib/one/vms/42922/deployment.0
Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: ExitCode: 0
Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: Successfully execute network driver 
operation: pre.
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: ExitCode: 0
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: Successfully execute virtualization 
driver operation: deploy.
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: ExitCode: 0
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: Successfully execute network driver 
operation: post.
Thu Feb 12 14:49:46 2015 [Z0][LCM][I]: New VM state is RUNNING
Thu Feb 12 14:51:48 2015 [Z0][DiM][I]: New VM state is POWEROFF

This e-mail and any attachment is for authorised use by the intended 
recipient(s) only. It may contain proprietary material, confidential 
information and/or be subject to legal privilege. It should not be copied, 
disclosed to, retained or used by, any other party. If you are not an intended 
recipient then please promptly delete this e-mail and any attachment and all 
copies and inform the sender. Thank you for understanding.
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] What are the causes let OpenNebula "thinks" VM is "POWEROFF" and how to recover?

[Liu, Gene]

Hi Everyone,

Anyone had ever encounter an issue about VM stat changes to "POWEROFF" a
few minutes (2 ~ 3 minutes) after "RUNNING"?

The actual problem is that the "POWEROFF" stat is incorrect as the VM is
actually running on the computing node. If you try to "boot" it back, it
will failed as that instance is already running on the same computing node.

Is it a bug of OpenNebula? Any suggestions to get it recovered?

Thanks,

Gene

* VM log 
Thu Feb 12 14:46:36 2015 [Z0][DiM][I]: New VM state is ACTIVE.
Thu Feb 12 14:46:37 2015 [Z0][LCM][I]: New VM state is PROLOG.
Thu Feb 12 14:49:43 2015 [Z0][LCM][I]: New VM state is BOOT
Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: Generating deployment file:
/var/lib/one/vms/42922/deployment.0
Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: ExitCode: 0
Thu Feb 12 14:49:43 2015 [Z0][VMM][I]: Successfully execute network
driver operation: pre.
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: ExitCode: 0
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: Successfully execute
virtualization driver operation: deploy.
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: ExitCode: 0
Thu Feb 12 14:49:46 2015 [Z0][VMM][I]: Successfully execute network
driver operation: post.
Thu Feb 12 14:49:46 2015 [Z0][LCM][I]: New VM state is RUNNING
Thu Feb 12 14:51:48 2015 [Z0][DiM][I]: New VM state is POWEROFF
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] nodes in onegate service json are empty

[Madko]

Hi,

here is my use case:

1) VM has a gateway role. So it needs to be ready/deployed first.
2) Others VMs that depends on the gateway, so they have the Gateway VM has
parent node checked.

If the gateway is not ready, other VMs won't have access to some network
resources and therefor can't finish their setups.

But the gateway, has to forward some port to the other VMs. It needs to
knwo the address ip for the other VMs. So I get the service json file thru
onegate, gut it seems the nodes that are not actually deployed are
absents., the nodes attribute is empty.

Here is my service json from onegate:
{"SERVICE":{"name":"openstack","id":"224","roles":[{"name":"gateway","cardinality":1,"state":"1","nodes":[{"deploy_id":1740,"running":false,"vm_info":{"VM":{"NAME":"gateway-0.s224","ID":"1740","USER_TEMPLATE":{"GATEWAY_IFACE":"eth1","HYPERVISOR":"kvm","LOGO":"images/logos/centos.png","ROLE_NAME":"gateway","SERVICE_ID":"224","SUNSTONE_CAPACITY_SELECT":"YES","SUNSTONE_NETWORK_SELECT":"YES"},"TEMPLATE":{"NIC":[{"IP":"192.168.199.124","MAC":"02:00:c0:a8:c7:7c","NETWORK":"admin"},{"IP":"10.0.0.01","MAC":"02:00:0a:00:00:00","NETWORK":"WAN"}]]},{"name":"controller","cardinality":1,"state":0,"nodes":[]},{"name":"network","cardinality":1,"state":0,"nodes":[]},{"name":"storage","cardinality":1,"state":0,"nodes":[]},{"name":"block","cardinality":1,"state":0,"nodes":[]},{"name":"compute","cardinality":1,"state":0,"nodes":[]}]}}

How can I deal with this kind of situation? Is there a way to have a
complete definition of my service?

Can oneflow starts all the VM on hold, except my gateway, and thru onegate
I can release each VM I want at the right moment when my gateway is ready?

best regards,

Edouard
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] wrong gateway detected by vm-context

[Madko]

I have found the solution. GATEWAY_IFACE must be set, but in upper case. I
don't know why. Any idea? If I put GATEWAY_IFACE=eth1 (eth1 is the real
name) it doesn't work, but GATEWAY_IFACE=ETH1 works...

Le Fri Feb 13 2015 at 10:03:33, Madko  a écrit :

> Hi,
>
> It seems vmcontext scripts try to guess the gateway IP as soon as any
> interface has a gateway set.
>
> Here is my case:
> one vm with eth0 to internal admin network, and eth1 to wan. Only eth1 has
> a gateway set.
> When init script vmcontext start, it found out that there is a gateway
> (but on eth1), and so is_gateway function on eth0 seems to returns true.
> After that the gateway is guessed with NETWORK_ADDRESS.1 but I don't know
> why?
>
> here is my context:
> ETH0_IP='192.168.199.109'
> ETH0_MAC='02:00:c0:a8:c7:6d'
> ETH1_DNS='10.156.255.245'
> ETH1_GATEWAY='10.156.0.1'
> ETH1_IP='10.156.24.93'
> ETH1_MAC='02:00:0a:9c:18:5d'
> ETH1_MASK='255.255.224.0'
> ETH1_NETWORK='10.156.0.0'
>
> Here is the ifcfg-eth0 written by vmcontext init script:
> DEVICE=eth0
> BOOTPROTO=none
> ONBOOT=yes
> TYPE=Ethernet
> NETMASK=255.255.255.0
> IPADDR=192.168.199.109
> GATEWAY=192.168.199.1
>
> ifcfg-eth1 is good and has its gateway correctly set.
>
> Here is my vnet template where no gateway is set (same problem if I remove
> the empty GATEWAY key):
> VIRTUAL NETWORK TEMPLATE
>
> BRIDGE="br0"
> DESCRIPTION="réseau admin vm"
> GATEWAY=""
> PHYDEV=""
> ROLE="admin"
> VLAN="YES"
> VLAN_ID="199"
>
> is it a bug?
>
> Attached here is the vmcontext network script log
>
> best regards,
>
> Edouard
>
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] "Official" Debian packages

[Daniel Dehennin]

Daniel Dehennin  writes:


[...]

> It's a big work, for now lintian is far from being happy[3]

[...]

> [3]  c.f. attachement

Missing attachement, sorry.

-- 
Daniel Dehennin
Récupérer ma clef GPG: gpg --recv-keys 0xCC1E9E5B7A6FE2DF
Fingerprint: 3E69 014E 5C23 50E8 9ED6  2AAD CC1E 9E5B 7A6F E2DF

P: opennebula source: source-contains-prebuilt-java-object 
src/oca/java/lib/xmlrpc-common-3.1.2.jar
N: 
N:The source tarball contains a prebuilt Java class file. These are often
N:included by mistake when developers generate a tarball without cleaning
N:the source directory first. If there is no sign this was intended,
N:consider reporting it as an upstream bug.
N:
N:Severity: pedantic, Certainty: possible
N:
N:Check: cruft, Type: source
N: 
P: opennebula source: source-contains-prebuilt-java-object 
src/oca/java/lib/xmlrpc-client-3.1.2.jar
P: opennebula source: source-contains-prebuilt-java-object 
src/oca/java/lib/ws-commons-util-1.0.2.jar
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/vendor/crypto-js/sha1-min.js
N: 
N:The source tarball contains a prebuilt (minified) JavaScript object.
N:They are usually left by mistake when generating the tarball by not
N:cleaning the source directory first. You may want to report this as an
N:upstream bug, in case there is no sign that this was intended.
N:
N:Severity: pedantic, Certainty: possible
N:
N:Check: cruft, Type: source
N: 
E: opennebula source: source-is-missing 
src/sunstone/public/vendor/crypto-js/sha1-min.js
N: 
N:The source of the following file is missing. Lintian checked a few
N:possible paths to find the source, and do not find it.
N:
N:Please repack your package to include the source or add it to
N:"debian/missing-sources" directory.
N:
N:If this is a false-positive, please report a bug against Lintian.
N:
N:Severity: serious, Certainty: possible
N:
N:Check: cruft, Type: source
N: 
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/vendor/crypto-js/enc-base64-min.js
E: opennebula source: source-is-missing 
src/sunstone/public/vendor/crypto-js/enc-base64-min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/vendor/crypto-js/core-min.js
E: opennebula source: source-is-missing 
src/sunstone/public/vendor/crypto-js/core-min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/jquery-migrate/jquery-migrate.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/jgrowl/jquery.jgrowl.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/flot/excanvas.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/vendor/4.0/nouislider/jquery.nouislider.min.js
E: opennebula source: source-is-missing 
src/sunstone/public/vendor/4.0/nouislider/jquery.nouislider.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/sizzle/dist/sizzle.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/no-vnc/include/logo.js mean line length is 
about 16184 characters
E: opennebula source: source-is-missing 
src/sunstone/public/bower_components/no-vnc/include/logo.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/no-vnc/include/keysymdef.js mean line 
length is about 3983 characters
E: opennebula source: source-is-missing 
src/sunstone/public/bower_components/no-vnc/include/keysymdef.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/jquery/dist/jquery.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/foundation/js/foundation.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/flot.tooltip/js/jquery.flot.tooltip.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/flot.tooltip/js/excanvas.min.js
E: opennebula source: source-is-missing 
src/sunstone/public/bower_components/flot.tooltip/js/excanvas.min.js
P: opennebula source: source-contains-prebuilt-javascript-object 
src/sunstone/public/bower_components/no-vnc/include/web-socket-js/swfobject.js 
mean line length is about 10071 characters
E: opennebula source: source-is-missing 
src/sunstone/public/bower_components/no-vnc/include/web-socket-js/swfobject.js
P: opennebula source: source-contains-prebuilt-flash-object 
src/sunstone/public/bower_components/no-vnc/include/web-socket-js/WebSocketMain.swf
N: 
N:The source tarball contains a prebuilt file in the Shockwave Flash (SWF)
N:or Flash Video (FLV) format. These are often inc

Re: [one-users] "Official" Debian packages

[Daniel Dehennin]

Alberto Zuin - Liste  writes:

> Hello all,

Hello,

> just for information, I know there is a pre-compiled version of
> OpenNebula in your repository, but in the "official" Debian repository
> there is only an old version of OpenNebula for Wheezy (3.4) and only
> the contextualization package for the upcoming Jessie.  There is any
> plan to have the package in the official Jessie repository?

First, I'm neither from the OpenNebula team nor a Debian developper.

I see no activity on the Debian repository[1].

I started[2] to rework the Debian packaging.

It's a big work, for now lintian is far from being happy[3] and I don't
know if the OpenNebula team is OK with it[4].

I do not even take the DFSG into account or the duplication of some
components[5] with other Debian packages.

So, I can't answer for others but it does not looks like it planed to
make the fast moving OpenNebula fit the distribution releases.

Regards.

Footnotes: 
[1]  http://anonscm.debian.org/cgit/pkg-opennebula/opennebula.git

[2]  https://github.com/baby-gnu/one/tree/pkg/debian/master

[3]  c.f. attachement

[4]  http://dev.opennebula.org/issues/3129#note-5

[5]  https://bugs.debian.org/774114

-- 
Daniel Dehennin
Récupérer ma clef GPG: gpg --recv-keys 0xCC1E9E5B7A6FE2DF
Fingerprint: 3E69 014E 5C23 50E8 9ED6  2AAD CC1E 9E5B 7A6F E2DF


signature.asc
Description: PGP signature
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] How to secure VNC access?

[Nico Schottelius]

Hey Daniel,

thanks for following up - I will lock down vnc ports to to only
allow access from the frontend to this a try today!

Cheers,

Nico

Daniel Molina [Fri, Feb 13, 2015 at 09:17:55AM +0100]:
> The novnc-server will translate WebSockets traffic to normal socket
> traffic, therefore you don't have to expose the host IP to the final user,
> she will interact with the proxy.
> 
> Cheers
> 
> On 10 February 2015 at 11:33, Nico Schottelius <
> nico-opennebula@schottelius.org> wrote:
> 
> > Hey,
> >
> > I think I haven't (at least I didn't enable it explicitly).
> >
> > If the novnc-server is enabled, how do I configure the templates?
> > Because at the moment, vnc listens to 0.0.0.0 and is accessible if
> > someone knows the IP and port.
> >
> > Cheers,
> >
> > Nico
> >
> > Daniel Molina [Tue, Feb 10, 2015 at 10:54:36AM +0100]:
> > > Hi,
> > >
> > > Are you using the novnc-server included in OpenNebula? This component
> > uses
> > > a websocket proxy, so that you don't have to expose the VNC socket to
> > your
> > > users, and it will take care of the different tcp sockets.
> > >
> > > Cheers
> > >
> > > On 6 February 2015 at 12:50, Nico Schottelius <
> > > nico-opennebula@schottelius.org> wrote:
> > >
> > > > Good day,
> > > >
> > > > we are about to setup our fourth hosting plattform in the next weeks,
> > > > based on opennebula 4.10.2, ubuntu 14.0 and gluster 3.x (x ~= 4..6).
> > > >
> > > > In our tests the VNC socket of the VMs has been exposed on the hosts
> > > > directly accessible on 0.0.0.0 -> for everyone. Given that sunstone
> > > > will be usable by our customers and VMs will be running on hosts other
> > > > than the one running sunstone, what is the default & secure alternative
> > > > in opennebula?
> > > >
> > > > Do you support vnc / ssh tunneling like described on [0]?
> > > >
> > > > This process is pretty neat, because you don't need to expose VNC at
> > all
> > > > and not care about numbering of tcp sockets.
> > > >
> > > > I guess a combination of ssh unix socket tunneling plus spice on the
> > > > frontend is probably the safest solution - what are your opinions?
> > > >
> > > > How do you configure VNC access at the moment?
> > > >
> > > > [0]
> > > >
> > http://www.nico.schottelius.org/blog/tunneling-qemu-kvm-unix-socket-via-ssh/
> > > >
> > > > --
> > > > New PGP key: 659B 0D91 E86E 7E24 FD15  69D0 C729 21A1 293F 2D24
> > > > ___
> > > > Users mailing list
> > > > Users@lists.opennebula.org
> > > > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
> > > >
> > >
> > >
> > >
> > > --
> > > --
> > > Daniel Molina
> > > Project Engineer
> > > OpenNebula - Flexible Enterprise Cloud Made Simple
> > > www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
> >
> > --
> > New PGP key: 659B 0D91 E86E 7E24 FD15  69D0 C729 21A1 293F 2D24
> >
> 
> 
> 
> -- 
> --
> Daniel Molina
> Project Engineer
> OpenNebula - Flexible Enterprise Cloud Made Simple
> www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula

-- 
New PGP key: 659B 0D91 E86E 7E24 FD15  69D0 C729 21A1 293F 2D24
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] Getting an "HTTP-Error: 500" when executing oneacct -g group

[RubEn DIez LAzaro]

Hi:

I Does not know really if some recent version of libxmlrpc-c fix this 
bug... bug the patch seems to be into some branch


http://sourceforge.net/p/xmlrpc-c/code/2520/

I don't pretend to confuse you with how we discover this bug, but in 
short it appears when executing some accounting software by Boris Parak 
for the Federate cloud of the EGI project


I hope the patch i link help to clarify the situation.

Best regards.


On 12/02/15 22:53, Alejandro Feijóo wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi to all.

As Esteban say,  we have a planned updated to last stable opennebula
release the Wednesday 18th, but i think we can wait if the libxmlrpc-c
is updated in the next days or maybe weeks.

I think we can wait because the new ON not have critical changes (we
have pached one-flow yet) and make 2 updates in the same month can be a
problem for our costumers... (we use oneflow in a lot of critical
services and is a problem make 2 scheduled stops)


But if the change is programated to 4.12 we going to update and patch it
(I think Ruben have a special love story paching software hehe)


Again, a lot of thanks.


El 12/02/15 a las 19:32, Esteban Freire escribió:

Hi Carlos,

Thank you very much for checking it :)

About if it should be fixed in 1.33.14, I hope Rubén answer to this
tomorrow since it is the one looking at this issue.

When do you think we could test this? Sorry for the question/hurry but
we are failing accounting due to this issue in FedCloud (EGI). In
principle, we are going to update to last ON version next Wednesday 18th.

Thanks in advance,
Esteban

On 02/12/2015 07:23 PM, Carlos Martín Sánchez wrote:

Hi,

I'm not directly involved in the packaging, but as far as I can tell,
OpenNebula 4.8 comes with libxmlrpc-c version 1.33.6.
If I understand correctly, the problem you report should be fixed in
1.33.14?

I've checked and the current super stable version is 1.33.16 [1]. We
will see if the static library can be updated without breaking
anything [2].

Regards.

[1] http://xmlrpc-c.sourceforge.net/change_super_stable.html
[2] http://dev.opennebula.org/issues/3594

--
Carlos Martín, MSc
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org  |
cmar...@opennebula.org  | @OpenNebula


On Thu, Feb 12, 2015 at 12:08 PM, RubEn DIez LAzaro mailto:rd...@cesga.es>> wrote:

 HI:

 The distro is Scientific Linux release 6.4 (Carbon) and ONE is
 installed from repo (it seems be the repo for CentOS 6)

 [root@cloud yum.repos.d]# cat opennebula.repo
 [opennebula]
 name=opennebula
 baseurl=http://downloads.opennebula.org/repo/4.8/CentOS/6/x86_64
 enabled=1
 gpgcheck=0


 The installed (from standard repos) version of libxmlrpc-c is
1.16.24:

 # yum info xmlrpc-c
 [.]
 Installed Packages
 Name: xmlrpc-c
 Arch: x86_64
 Version : 1.16.24
 Release : 1209.1840.el6
 Size: 263 k
 Repo: installed
 From repo   : sl
 Summary : A lightweight RPC library based on XML and HTTP
 URL : http://xmlrpc-c.sourceforge.net/
 License : BSD and MIT
 Description : XML-RPC is a quick-and-easy way to make procedure
 calls over the
 : Internet. It converts the procedure call into XML
 document, sends
 : it to a remote server using HTTP, and gets back the
 response as
 : XML.
 :
 : This library provides a modular implementation of
 XML-RPC for C.

 but this is no matter since you claims that ONE is statically
 linked What version of xmlrpc-c is linked to the ONE from the
 showed repo??

 We get a source path for 1.33.14 and we build a possible (yet
 untested, done by hand using patch we have for 1.33.14) patch for
 1.16.24 Perhaps we can send you these patches for fix the
 issue in your statically linked xmlrpc-c???

 Regards.




 On 12/02/15 11:48, Carlos Martín Sánchez wrote:

 Hi,

 We already use a statically linked libxmlrpc-c version to use a
 newer one for some distros.
 How did you install ONE, what packages are you using? Which version?

 Also, can you please share more about the libxmlrpc-c versions
 that cause problems, and when it was fixed?

 Regards
 --
 Carlos Martín, MSc
 Project Engineer
 OpenNebula - Flexible Enterprise Cloud Made Simple
 www.OpenNebula.org  |
 cmar...@opennebula.org  |
 @OpenNebula 

 On Wed, Feb 11, 2015 at 12:53 PM, Esteban Freire
 mailto:esfre...@cesga.es>> wrote:

 Hello,

 We are having an issue with oneacct command when we try to
 get the accounting for a group, for example:

  

[one-users] Upcoming TechDays in 2015

[Daniel Molina]

Dear community,

Besides our annual OpenNebula Conference, we are planning to organize
Technology Day events in multiple cities globally during 2015. In the
shorter term we are planning to organize TechDays in:
* Prague, Czech Republic
* Dublin, Ireland
* Dallas, USA
* Chicago, USA

Please send us an email at eve...@opennebula.org if you are interested in
hosting or participating in a TechDays event.

We look forward to your answers

http://opennebula.org/upcoming-techdays-in-2015/

-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

[one-users] wrong gateway detected by vm-context

[Madko]

Hi,

It seems vmcontext scripts try to guess the gateway IP as soon as any
interface has a gateway set.

Here is my case:
one vm with eth0 to internal admin network, and eth1 to wan. Only eth1 has
a gateway set.
When init script vmcontext start, it found out that there is a gateway (but
on eth1), and so is_gateway function on eth0 seems to returns true. After
that the gateway is guessed with NETWORK_ADDRESS.1 but I don't know why?

here is my context:
ETH0_IP='192.168.199.109'
ETH0_MAC='02:00:c0:a8:c7:6d'
ETH1_DNS='10.156.255.245'
ETH1_GATEWAY='10.156.0.1'
ETH1_IP='10.156.24.93'
ETH1_MAC='02:00:0a:9c:18:5d'
ETH1_MASK='255.255.224.0'
ETH1_NETWORK='10.156.0.0'

Here is the ifcfg-eth0 written by vmcontext init script:
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
NETMASK=255.255.255.0
IPADDR=192.168.199.109
GATEWAY=192.168.199.1

ifcfg-eth1 is good and has its gateway correctly set.

Here is my vnet template where no gateway is set (same problem if I remove
the empty GATEWAY key):
VIRTUAL NETWORK TEMPLATE

BRIDGE="br0"
DESCRIPTION="réseau admin vm"
GATEWAY=""
PHYDEV=""
ROLE="admin"
VLAN="YES"
VLAN_ID="199"

is it a bug?

Attached here is the vmcontext network script log

best regards,

Edouard
+ configure_network
+ gen_network_configuration
++ get_interface_mac
++ awk '/^[0-9]+: [[:alnum:]]+:/ { device=$2; gsub(/:/, "",device)} /link\/ether/ { print device " " $2 }'
++ ip link show
+ INTERFACE_MAC='eth0 02:00:c0:a8:c7:6d
eth1 02:00:0a:9c:18:5d'
++ get_context_interfaces
++ grep -E '^ETH[0-9]+_MAC='
++ sed 's/_.*$//'
++ sort
++ env
+ CONTEXT_INTERFACES='ETH0
ETH1'
++ echo ''
++ sed 's/^ETH//'
+ GATEWAY_IFACE_NUM=
+ for interface in '$CONTEXT_INTERFACES'
+ UPCASE_DEV=ETH0
++ get_iface_var MAC
++ var_name=ETH0_MAC
+++ eval 'echo "${ETH0_MAC}"'
 echo 02:00:c0:a8:c7:6d
++ var=02:00:c0:a8:c7:6d
++ echo 02:00:c0:a8:c7:6d
+ MAC=02:00:c0:a8:c7:6d
++ get_dev 'eth0 02:00:c0:a8:c7:6d
eth1 02:00:0a:9c:18:5d' 02:00:c0:a8:c7:6d
++ list='eth0 02:00:c0:a8:c7:6d
eth1 02:00:0a:9c:18:5d'
++ mac=02:00:c0:a8:c7:6d
++ echo 'eth0 02:00:c0:a8:c7:6d
eth1 02:00:0a:9c:18:5d'
++ grep 02:00:c0:a8:c7:6d
++ cut '-d ' -f1
++ tail -n1
+ DEV=eth0
++ echo ETH0
++ sed 's/^ETH//'
+ IFACE_NUM=0
++ get_ip
+++ get_iface_var IP
+++ var_name=ETH0_IP
 eval 'echo "${ETH0_IP}"'
+ echo 192.168.199.109
+++ var=192.168.199.109
+++ echo 192.168.199.109
++ ip=192.168.199.109
++ '[' -z 192.168.199.109 ']'
++ echo 192.168.199.109
+ IP=192.168.199.109
++ get_network
+++ get_iface_var NETWORK
+++ var_name=ETH0_NETWORK
 eval 'echo "${ETH0_NETWORK}"'
+ echo ''
+++ var=
+++ echo
++ network=
++ '[' -z '' ']'
+++ echo 192.168.199.109
+++ cut -d. -f1,2,3
++ network=192.168.199.0
++ echo 192.168.199.0
+ NETWORK=192.168.199.0
++ get_mask
+++ get_iface_var MASK
+++ var_name=ETH0_MASK
 eval 'echo "${ETH0_MASK}"'
+ echo ''
+++ var=
+++ echo
++ mask=
++ '[' -z '' ']'
++ mask=255.255.255.0
++ echo 255.255.255.0
+ MASK=255.255.255.0
++ get_gateway
++ is_gateway
++ '[' -z '' ']'
++ true
+++ get_iface_var GATEWAY
+++ var_name=ETH0_GATEWAY
 eval 'echo "${ETH0_GATEWAY}"'
+ echo ''
+++ var=
+++ echo
++ gateway=
++ '[' -z '' ']'
++ '[' eth0 = eth0 ']'
+++ echo 192.168.199.0
+++ cut -d. -f1,2,3
++ net_prefix=192.168.199
++ gateway=192.168.199.1
++ echo 192.168.199.1
+ GATEWAY=192.168.199.1
++ get_iface_var IPV6
++ var_name=ETH0_IPV6
+++ eval 'echo "${ETH0_IPV6}"'
 echo ''
++ var=
++ echo
+ IPV6=
+ [[ -z '' ]]
++ get_iface_var IP6
++ var_name=ETH0_IP6
+++ eval 'echo "${ETH0_IP6}"'
 echo ''
++ var=
++ echo
+ IPV6=
++ get_gateway6
++ is_gateway
++ '[' -z '' ']'
++ true
++ get_iface_var GATEWAY6
++ var_name=ETH0_GATEWAY6
+++ eval 'echo "${ETH0_GATEWAY6}"'
 echo ''
++ var=
++ echo
+ GATEWAY6=
++ get_iface_var CONTEXT_FORCE_IPV4
++ var_name=ETH0_CONTEXT_FORCE_IPV4
+++ eval 'echo "${ETH0_CONTEXT_FORCE_IPV4}"'
 echo ''
++ var=
++ echo
+ CONTEXT_FORCE_IPV4=
+ cat
+ [[ -z '' ]]
+ gen_iface_conf
+ cat
+ '[' -n 192.168.199.1 ']'
+ echo GATEWAY=192.168.199.1
+ echo ''
+ [[ -n '' ]]
+ ifup eth0
+ for interface in '$CONTEXT_INTERFACES'
+ UPCASE_DEV=ETH1
++ get_iface_var MAC
++ var_name=ETH1_MAC
+++ eval 'echo "${ETH1_MAC}"'
 echo 02:00:0a:9c:18:5d
++ var=02:00:0a:9c:18:5d
++ echo 02:00:0a:9c:18:5d
+ MAC=02:00:0a:9c:18:5d
++ get_dev 'eth0 02:00:c0:a8:c7:6d
eth1 02:00:0a:9c:18:5d' 02:00:0a:9c:18:5d
++ list='eth0 02:00:c0:a8:c7:6d
eth1 02:00:0a:9c:18:5d'
++ mac=02:00:0a:9c:18:5d
++ grep 02:00:0a:9c:18:5d
++ cut '-d ' -f1
++ tail -n1
++ echo 'eth0 02:00:c0:a8:c7:6d
eth1 02:00:0a:9c:18:5d'
+ DEV=eth1
++ sed 's/^ETH//'
++ echo ETH1
+ IFACE_NUM=1
++ get_ip
+++ get_iface_var IP
+++ var_name=ETH1_IP
 eval 'echo "${ETH1_IP}"'
+ echo 10.156.24.93
+++ var=10.156.24.93
+++ echo 10.156.24.93
++ ip=10.156.24.93
++ '[' -z 10.156.24.93 ']'
++ echo 10.156.24.93
+ IP=10.156.24.93
++ get_network
+++ get_iface_var NETWORK
+++ var_name=ETH1_NETWORK
 eval 'echo "${ETH1_NETWORK}"'
+ echo 10.156.0.0
+++ var=10.156.0.0
+++ echo 10.156.0.0
++ netwo

Re: [one-users] [Sunstone] Mixing password and X509 authentication

[Daniel Molina]

Hi,

In this file you can check the headers used by the x509 auth
https://github.com/OpenNebula/one/blob/master/src/cloud/common/CloudAuth/X509CloudAuth.rb

an this is an old guide on how to setup this configuration in Apache:
http://community.opennebula.org/sunstone_x509

Hope this helps

On 10 February 2015 at 17:16, Daniel Dehennin 
wrote:

> Hello,
>
> I would like to mix the authentication methods on Sunstone.
>
> I created an X509 user[1] and the one* CLI are working with it.
>
> According to the documentation[2], I need to switch Sunstone to “x509”,
> but I thought that using “:auth: opennebula” permit to use whatever is
> configured for the user.
>
> I first try as explained in the documentation:
>
> - set “:auth: x509” in sunstone
>
> - install user certificate authority to “/etc/one/auth/certificates/”
>
> - configure my nginx as describe in attachement
>
> - install the user x509 certificate on my iceweasel 35.0.1 browser
>
> When I access Sunstone, my browser ask me to choose my certificate but I
> finish on login page with only a “Login” button plus the “Keep me logged
> in” checkbox.
>
> I should have miss some headers to add to my Requests.
>
> Any hints?
>
> Regards.
>
> Footnotes:
> [1]
> http://docs.opennebula.org/4.10/administration/authentication/x509_auth.html
>
> [2]
> http://docs.opennebula.org/4.10/administration/authentication/x509_auth.html#enabling-x509-auth-in-sunstone
>
> --
> Daniel Dehennin
> Récupérer ma clef GPG: gpg --recv-keys 0xCC1E9E5B7A6FE2DF
> Fingerprint: 3E69 014E 5C23 50E8 9ED6  2AAD CC1E 9E5B 7A6F E2DF
>
>
> # Opennebula Sunstone
> upstream sunstone {
>  server 127.0.0.1:9869;
> }
>
> upstream onerpc {
>  server 127.0.0.1:2633;
> }
>
> # Port 80 redirected to SSL
> server {
> listen 80;
> server_namenebula.example.net;
>
> location / {
> return 301 https://$host$request_uri?;
> }
> }
>
>
> # SSL reverse-proxy
> server {
> listen 443 default_server;
> listen [::]:443 default_server ipv6only=on;
>
> ssl on;
> ssl_certificate /etc/nginx/ssl/server.crt;
> ssl_certificate_key /etc/nginx/ssl/server.key;
> ssl_client_certificate /etc/nginx/ssl/ca.crt;
> ssl_verify_client optional;
>
> root /usr/share/nginx/html;
> index index.html index.htm;
>
> server_name nebula.example.net;
>
> access_log  /var/log/nginx/opennebula-sunstone-access.log;
> error_log  /var/log/nginx/opennebula-sunstone-error.log;
>
> client_max_body_size 5G;
>
> location / {
> try_files $uri @sunstone;
> }
>
> location /RPC2 {
> include proxy_params;
> proxy_pass http://onerpc;
> }
>
> location @sunstone {
> include proxy_params;
> proxy_set_header SSL_CLIENT_S_DN $ssl_client_s_dn;
> proxy_set_header SSL_CLIENT_I_DN $ssl_client_i_dn;
> proxy_set_header SSH_CLIENT_VERIFY $ssl_client_verify;
> proxy_set_header SSH_CLIENT_CERT $ssl_client_cert;
>
> include ssl_parms;
> proxy_pass http://sunstone;
> }
> }
>
> ___
> Users mailing list
> Users@lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>


-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Re: [one-users] How to secure VNC access?

[Daniel Molina]

The novnc-server will translate WebSockets traffic to normal socket
traffic, therefore you don't have to expose the host IP to the final user,
she will interact with the proxy.

Cheers

On 10 February 2015 at 11:33, Nico Schottelius <
nico-opennebula@schottelius.org> wrote:

> Hey,
>
> I think I haven't (at least I didn't enable it explicitly).
>
> If the novnc-server is enabled, how do I configure the templates?
> Because at the moment, vnc listens to 0.0.0.0 and is accessible if
> someone knows the IP and port.
>
> Cheers,
>
> Nico
>
> Daniel Molina [Tue, Feb 10, 2015 at 10:54:36AM +0100]:
> > Hi,
> >
> > Are you using the novnc-server included in OpenNebula? This component
> uses
> > a websocket proxy, so that you don't have to expose the VNC socket to
> your
> > users, and it will take care of the different tcp sockets.
> >
> > Cheers
> >
> > On 6 February 2015 at 12:50, Nico Schottelius <
> > nico-opennebula@schottelius.org> wrote:
> >
> > > Good day,
> > >
> > > we are about to setup our fourth hosting plattform in the next weeks,
> > > based on opennebula 4.10.2, ubuntu 14.0 and gluster 3.x (x ~= 4..6).
> > >
> > > In our tests the VNC socket of the VMs has been exposed on the hosts
> > > directly accessible on 0.0.0.0 -> for everyone. Given that sunstone
> > > will be usable by our customers and VMs will be running on hosts other
> > > than the one running sunstone, what is the default & secure alternative
> > > in opennebula?
> > >
> > > Do you support vnc / ssh tunneling like described on [0]?
> > >
> > > This process is pretty neat, because you don't need to expose VNC at
> all
> > > and not care about numbering of tcp sockets.
> > >
> > > I guess a combination of ssh unix socket tunneling plus spice on the
> > > frontend is probably the safest solution - what are your opinions?
> > >
> > > How do you configure VNC access at the moment?
> > >
> > > [0]
> > >
> http://www.nico.schottelius.org/blog/tunneling-qemu-kvm-unix-socket-via-ssh/
> > >
> > > --
> > > New PGP key: 659B 0D91 E86E 7E24 FD15  69D0 C729 21A1 293F 2D24
> > > ___
> > > Users mailing list
> > > Users@lists.opennebula.org
> > > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
> > >
> >
> >
> >
> > --
> > --
> > Daniel Molina
> > Project Engineer
> > OpenNebula - Flexible Enterprise Cloud Made Simple
> > www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
>
> --
> New PGP key: 659B 0D91 E86E 7E24 FD15  69D0 C729 21A1 293F 2D24
>



-- 
--
Daniel Molina
Project Engineer
OpenNebula - Flexible Enterprise Cloud Made Simple
www.OpenNebula.org | dmol...@opennebula.org | @OpenNebula
___
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org