cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Weber <>
Subject Re: [DISCUSS] Keeping system vms up to date
Date Wed, 24 Feb 2016 07:34:44 GMT
On Mon, Feb 22, 2016 at 8:58 PM, Rene Moser <> wrote:

> Erik
> On 02/22/2016 01:50 PM, Erik Weber wrote:
> > Adding a boilerplate in the install/admin docs that says "If you have no
> > other tools in place to handle system vm updates, consider enabling this
> > option: x.y.z" is good enough for me.
> > This is supposed to be a way for all those who don't have any
> other/better
> > means of doing this, not a mandatory/forced way of doing it for everyone
> > else.
> Sounds good. :)
> >> I would like to see an api for download and update latest system-vm
> >> template. AFAIK this is still not solved (without touching DB) to update
> >> system-vm templates having same version.
> What do you think about security updating system VM templates?
> Up-to-date system vm templates would be needed anyway.
> >> This way it would be up to the user to handle the upgrade and to think a
> >> bit further we could also define a rollback scenario (use previous
> >> template).
> >>
> >>
> > This thread is ment to discuss varies ways to achieve the goal, I did not
> > mean to propose a single way of doing it.
> > Pushing an ansible inventory script (that works with all major ACS
> > hypervisors) and a playbook is another option.
> It is a shame but I have no experience with "other hypervisors" with
> ACS, just VMware. :( How are KVM/XEN different in VRs then VMware, isn't
> there a VR accessible by SSH (by so called "linklocal" IP) from ACS
> management node?

No, with vmware you use a routable network that is directly accessible from
the mgmt server, but for xenserver and kvm we use a link local network
(169.254.x.x), that is not wired to any physical interface.

Connection to system vms is done by using the actual hypervisor as a SSH
I think I actually hacked your dynamic inventory script at one time to
support this, I can see if I can find it again.


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message