cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tejas Sheth <tshet...@gmail.com>
Subject Re: security group and xenserver query
Date Wed, 26 Nov 2014 17:34:33 GMT
Hi Jayapal,

  initially storage gave error while creating zone after we added vhd-util
so after it got attached. then we tried to reconfigure new zone with
another pool after changing network bridge to openvswitch but still the
same issue.

  follwoing is the error for SMlog

Nov 26 22:11:15 cloud-host1 SM: [4051] ['/usr/sbin/vgs', '--noheadings',
'--nosuffix', '--units', 'b',
'VG_XenStorage-4436b39f-2d6b-d0ab-9074-f56daefd2f70']
Nov 26 22:11:15 cloud-host1 SM: [4051]   pread SUCCESS
Nov 26 22:11:15 cloud-host1 SM: [4051] ['/usr/sbin/vgs', '--noheadings',
'--nosuffix', '--units', 'b',
'VG_XenStorage-4436b39f-2d6b-d0ab-9074-f56daefd2f70']
Nov 26 22:11:15 cloud-host1 SM: [4051]   pread SUCCESS
Nov 26 22:11:15 cloud-host1 SMGC: [4051] No work, exiting
Nov 26 22:11:15 cloud-host1 SMGC: [4051] SR 4436 ('CloudStore-1') (2 VDIs
in 2 VHD trees): no changes
Nov 26 22:11:24 cloud-host1 SM: [4154] ['bash',
'/opt/cloud/bin/copy_vhd_from_secondarystorage.sh',
'10.3.4.40:/ibm/share1/template/tmpl/1/1/',
'4436b39f-2d6b-d0ab-9074-f56daefd2f70',
'cloud-63ae2d9b-23ce-49cc-8b25-b534a3cf0451']
Nov 26 22:11:24 cloud-host1 SM: [4154]   pread SUCCESS
Nov 26 22:11:25 cloud-host1 SM: [4186] ['bash',
'/opt/cloud/bin/kill_copy_process.sh', '']
Nov 26 22:11:25 cloud-host1 SM: [4186]   pread SUCCESS

thanks
Tejas

On Wed, Nov 26, 2014 at 10:30 PM, Jayapal Reddy Uradi <
jayapalreddy.uradi@citrix.com> wrote:

> Hi Tejas,
>
> Please check that your xenserver host copied with 'vhd-util' binary.
> Also check the /var/log/SMLog in the host for more detailed logs for this
> error.
>
> Thanks,
> Jayapal
>
> On 26-Nov-2014, at 9:51 PM, Tejas Sheth <tsheth.p@gmail.com> wrote:
>
> > Hello,
> >
> > ISSUE!!!!!!!
> > we are not using security groups but still bridge is configured. Zone is
> > created sucessfully but System VMs are not able to start. follwoing error
> > we are getting.
> >
> > 2014-11-26 21:43:26,763 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> > (DirectAgent-97:ctx-861d1d2e) can not create vdi in sr
> > 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> > 2014-11-26 21:43:26,763 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> > (DirectAgent-97:ctx-861d1d2e) Catch Exception
> > com.cloud.utils.exception.CloudRuntimeException for template +  due to
> > com.cloud.utils.exception.CloudRuntimeException: can not create vdi in sr
> > 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> > 2014-11-26 21:43:29,612 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> > (DirectAgent-154:ctx-26ef19d8) destoryVDIbyNameLabel failed due to there
> > are 0 VDIs with name cloud-f4f8ad12-b315-4768-9e71-278041d6bb80
> > 2014-11-26 21:43:29,612 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> > (DirectAgent-154:ctx-26ef19d8) can not create vdi in sr
> > 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> > 2014-11-26 21:43:29,612 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> > (DirectAgent-154:ctx-26ef19d8) Catch Exception
> > com.cloud.utils.exception.CloudRuntimeException for template +  due to
> > com.cloud.utils.exception.CloudRuntimeException: can not create vdi in sr
> > 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> > 2014-11-26 21:43:31,564 INFO  [o.a.c.s.v.VolumeServiceImpl]
> > (secstorage-1:ctx-be9596e4) Unable to acquire lock on
> VMTemplateStoragePool
> > 24
> > 2014-11-26 21:43:31,567 ERROR [c.c.v.VirtualMachineManagerImpl]
> > (secstorage-1:ctx-be9596e4) Failed to start instance
> > VM[SecondaryStorageVm|s-6-VM]
> > 2014-11-26 21:43:31,802 DEBUG [c.c.c.CapacityManagerImpl]
> > (secstorage-1:ctx-be9596e4) VM state transitted from :Starting to Stopped
> > with event: OperationFailedvm's original host id: null new host id: null
> > host id before state transition: 2
> > 2014-11-26 21:43:31,825 WARN  [c.c.s.s.SecondaryStorageManagerImpl]
> > (secstorage-1:ctx-be9596e4) Exception while trying to start secondary
> > storage vm
> > com.cloud.exception.AgentUnavailableException: Resource [Host:2] is
> > unreachable: Host 2: Unable to start instance due to null
> > 2014-11-26 21:43:31,828 INFO  [c.c.s.s.SecondaryStorageManagerImpl]
> > (secstorage-1:ctx-be9596e4) Unable to start secondary storage vm for
> > standby capacity, secStorageVm vm Id : 6, will recycle it and start a new
> > one
> >
> > 2014-11-26 21:45:31,516 ERROR [c.c.v.VirtualMachineManagerImpl]
> > (secstorage-1:ctx-6761d068) Failed to start instance
> > VM[SecondaryStorageVm|s-10-VM]
> > 2014-11-26 21:46:01,499 ERROR [c.c.v.VirtualMachineManagerImpl]
> > (secstorage-1:ctx-1085a3ab) Failed to start instance
> > VM[SecondaryStorageVm|s-11-VM]
> >
> >
> > is it because of bridge configuration??
> >
> > We are using FC storage and we have mounted primary storage using
> presetup
> > storage. HA is not configured on xenserver.
> > what are the possible cause of above mentioned issue?
> >
> > Thanks in advance
> > Tejas
> >
> > On Wed, Nov 26, 2014 at 9:45 PM, Tejas Sheth <tsheth.p@gmail.com> wrote:
> >
> >> We are getting following error:
> >> 2014-11-26 21:43:26,763 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> >> (DirectAgent-97:ctx-861d1d2e) can not create vdi in sr
> >> 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> >> 2014-11-26 21:43:26,763 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> >> (DirectAgent-97:ctx-861d1d2e) Catch Exception
> >> com.cloud.utils.exception.CloudRuntimeException for template +  due to
> >> com.cloud.utils.exception.CloudRuntimeException: can not create vdi in
> sr
> >> 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> >> 2014-11-26 21:43:29,612 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> >> (DirectAgent-154:ctx-26ef19d8) destoryVDIbyNameLabel failed due to there
> >> are 0 VDIs with name cloud-f4f8ad12-b315-4768-9e71-278041d6bb80
> >> 2014-11-26 21:43:29,612 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> >> (DirectAgent-154:ctx-26ef19d8) can not create vdi in sr
> >> 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> >> 2014-11-26 21:43:29,612 WARN  [c.c.h.x.r.XenServerStorageProcessor]
> >> (DirectAgent-154:ctx-26ef19d8) Catch Exception
> >> com.cloud.utils.exception.CloudRuntimeException for template +  due to
> >> com.cloud.utils.exception.CloudRuntimeException: can not create vdi in
> sr
> >> 4436b39f-2d6b-d0ab-9074-f56daefd2f70
> >> 2014-11-26 21:43:31,564 INFO  [o.a.c.s.v.VolumeServiceImpl]
> >> (secstorage-1:ctx-be9596e4) Unable to acquire lock on
> VMTemplateStoragePool
> >> 24
> >> 2014-11-26 21:43:31,567 ERROR [c.c.v.VirtualMachineManagerImpl]
> >> (secstorage-1:ctx-be9596e4) Failed to start instance
> >> VM[SecondaryStorageVm|s-6-VM]
> >> 2014-11-26 21:43:31,802 DEBUG [c.c.c.CapacityManagerImpl]
> >> (secstorage-1:ctx-be9596e4) VM state transitted from :Starting to
> Stopped
> >> with event: OperationFailedvm's original host id: null new host id: null
> >> host id before state transition: 2
> >> 2014-11-26 21:43:31,825 WARN  [c.c.s.s.SecondaryStorageManagerImpl]
> >> (secstorage-1:ctx-be9596e4) Exception while trying to start secondary
> >> storage vm
> >> com.cloud.exception.AgentUnavailableException: Resource [Host:2] is
> >> unreachable: Host 2: Unable to start instance due to null
> >> 2014-11-26 21:43:31,828 INFO  [c.c.s.s.SecondaryStorageManagerImpl]
> >> (secstorage-1:ctx-be9596e4) Unable to start secondary storage vm for
> >> standby capacity, secStorageVm vm Id : 6, will recycle it and start a
> new
> >> one
> >>
> >>
> >> is it related to bridge configuration????
> >>
> >> On Wed, Nov 26, 2014 at 4:16 PM, Nux! <nux@li.nux.ro> wrote:
> >>
> >>> No, in Advanced Zone with SG - just like in Basic zone - there is no
> per
> >>> customer VLAN; there are no firewall, load balancer or additional NICs;
> >>> there is also no IPv6.
> >>>
> >>> A VM will just get a public IP via DHCP and that's it, the customers
> are
> >>> isolated via "security groups" which is a fancy name for iptables
> rules.
> >>>
> >>> Hope this clears it up.
> >>>
> >>> --
> >>> Sent from the Delta quadrant using Borg technology!
> >>>
> >>> Nux!
> >>> www.nux.ro
> >>>
> >>> ----- Original Message -----
> >>>> From: "Tejas Sheth" <tsheth.p@gmail.com>
> >>>> To: users@cloudstack.apache.org
> >>>> Sent: Wednesday, 26 November, 2014 10:14:11
> >>>> Subject: Re: security group and xenserver query
> >>>
> >>>> Thanks for simplification,
> >>>> so it means that each account will have seprate VLAN with its own
> >>> subnet
> >>>> and those VLANs will be created and configured in physical switch?
> >>>>
> >>>> if architecture is above mentioned way configured then how can we
> >>> achieve
> >>>> NAT and loadbalancing?
> >>>>
> >>>> Thanks
> >>>> Tejas
> >>>>
> >>>>
> >>>> On Wed, Nov 26, 2014 at 3:28 PM, Geoff Higginbottom <
> >>>> geoff.higginbottom@shapeblue.com> wrote:
> >>>>
> >>>>> I like to think of Advanced Network with SG as simply multiple Basic
> >>>>> Networks, each on its own VLAN. You have the same features (or rather
> >>> lack
> >>>>> of) as you would with a Basic Zone, but you have multiple Guest
> >>> Networks.
> >>>>>
> >>>>> Regards
> >>>>>
> >>>>> Geoff Higginbottom
> >>>>>
> >>>>> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
> >>>>>
> >>>>> geoff.higginbottom@shapeblue.com
> >>>>>
> >>>>> -----Original Message-----
> >>>>> From: Tejas Sheth [mailto:tsheth.p@gmail.com]
> >>>>> Sent: 26 November 2014 09:53
> >>>>> To: users@cloudstack.apache.org
> >>>>> Subject: Re: security group and xenserver query
> >>>>>
> >>>>> so NAT and loadbalancers are not possible if we use security group?
> >>>>>
> >>>>> so it meanse there will be no internal and external IPs for VMs.
is
> it
> >>>>> correct?
> >>>>>
> >>>>> On Wed, Nov 26, 2014 at 3:14 PM, Jayapal Reddy Uradi <
> >>>>> jayapalreddy.uradi@citrix.com> wrote:
> >>>>>
> >>>>>> For SG networks there is no public network.
> >>>>>> We configure public ips for the guest network.
> >>>>>>
> >>>>>> -Jayapal
> >>>>>>
> >>>>>> On 26-Nov-2014, at 12:00 PM, Tejas Sheth <tsheth.p@gmail.com>
> >>>>>> wrote:
> >>>>>>
> >>>>>>> Hello,
> >>>>>>>
> >>>>>>> I have made the bridge configuration, but when i am selecting
> >>>>>>> advance zone. it is not showing public network configuration.
only
> >>>>>>> guest and management is availabel. also internal CIDR ip
> >>>>>>> configuration is also not available.
> >>>>>>> i think it is cinverting to basic zone if we select security
group
> >>>>>>> and xenserver as hypervisor.
> >>>>>>>
> >>>>>>> Thanks
> >>>>>>> Tejas
> >>>>>>>
> >>>>>>> On Tue, Nov 25, 2014 at 9:16 PM, Jayapal Reddy Uradi <
> >>>>>>> jayapalreddy.uradi@citrix.com> wrote:
> >>>>>>>
> >>>>>>>>
> >>>>>>>> For 6.2 you no need to install CSP. My typo mistake
in last mail.
> >>>>>>>> sysctl.conf is fine.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> Thanks,
> >>>>>>>> Jayapal
> >>>>>>>>
> >>>>>>>> On 25-Nov-2014, at 8:45 PM, Tejas Sheth <tsheth.p@gmail.com>
> >>>>>>>> wrote:
> >>>>>>>>
> >>>>>>>>> Thanks,
> >>>>>>>>>
> >>>>>>>>> So can i take it as confirmation and proceed with
only following
> >>>>>>>>> bridge configuration in xenserver 6.2?
> >>>>>>>>>
> >>>>>>>>> # xe-switch-network-backend bridge
> >>>>>>>>>
> >>>>>>>>> # vi /etc/sysctl.conf
> >>>>>>>>>  net.bridge.bridge-nf-call-iptables = 1
> >>>>>>>>>   net.bridge.bridge-nf-call-ip6tables = 0
> >>>>>>>>>    net.bridge.bridge-nf-call-arptables = 1
> >>>>>>>>>
> >>>>>>>>> # sysctl -p /etc/sysctl.conf
> >>>>>>>>>
> >>>>>>>>> Require confirmation for sysctl.cnf configuration
part.
> >>>>>>>>>
> >>>>>>>>> Thanks and regards,
> >>>>>>>>> Tejas
> >>>>>>>>>
> >>>>>>>>> On Tue, Nov 25, 2014 at 8:31 PM, Vadim Kimlaychuk
<
> >>>>>>>> Vadim.Kimlaychuk@elion.ee
> >>>>>>>>>> wrote:
> >>>>>>>>>
> >>>>>>>>>> XenServer does not need any package to be expicitly
installed.
> >>>>>>>>>> When
> >>>>>> you
> >>>>>>>>>> add host to CS it copies some files to the host
itself and you
> >>>>>>>>>> don't
> >>>>>>>> need
> >>>>>>>>>> to bother about them usually.
> >>>>>>>>>>
> >>>>>>>>>> Vadim.
> >>>>>>>>>>
> >>>>>>>>>> -----Original Message-----
> >>>>>>>>>> From: Tejas Sheth [mailto:tsheth.p@gmail.com]
> >>>>>>>>>> Sent: Tuesday, November 25, 2014 4:52 PM
> >>>>>>>>>> To: users@cloudstack.apache.org
> >>>>>>>>>> Subject: security group and xenserver query
> >>>>>>>>>>
> >>>>>>>>>> Hello Jayapal,
> >>>>>>>>>>
> >>>>>>>>>> Thanks for reply, I have understood the bridge
configuration
> >>> part
> >>>>>>>>>> but can you clarify CSP package part.
> >>>>>>>>>>
> >>>>>>>>>> if CSP package comes with xenserver 6.2 then
do we need to
> >>>>>>>>>> install it explicitly?
> >>>>>>>>>>
> >>>>>>>>>> It would be really helpful if you can send link
to install CSP
> >>> in
> >>>>>>>>>> xenserver 6.2 because CS 4.3 document do not
have description
> >>> for
> >>>>>>>> xenserver
> >>>>>>>>>> 6.2 CSP installation.
> >>>>>>>>>> ----------------------------------------------------------------
> >>>>>>>>>> Hi Tejas,
> >>>>>>>>>>
> >>>>>>>>>> The network mode set to 'bridge' mode.
> >>>>>>>>>> #xe-switch-network-backend  bridge
> >>>>>>>>>>
> >>>>>>>>>> I think Xenserver 6.2 comes with the CSP package,
so you need to
> >>>>>> install
> >>>>>>>>>> it explicitly.
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> Thanks,
> >>>>>>>>>> Jayapal
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> On 25-Nov-2014, at 4:47 PM, Tejas Sheth <tsheth.p@gmail.com>
> >>>>>>>>>> wrote:
> >>>>>>>>>>
> >>>>>>>>>>> Hello,
> >>>>>>>>>>>
> >>>>>>>>>>> We are configuring advanced zone in cloudstack
4.3 in xenserver
> >>>>> 6.2.
> >>>>>>>>>>> we want to configure security group in advance
zone. do we have
> >>>>>>>>>>> to do any special configuration in xenserver
6.2.
> >>>>>>>>>>>
> >>>>>>>>>>> xenserver has default networking configuration.
> >>>>>>>>>>>
> >>>>>>>>>>> Thanks and regards,
> >>>>>>>>>>> Tejas
> >>>>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>
> >>>>>>
> >>>>> Find out more about ShapeBlue and our range of CloudStack related
> >>> services
> >>>>>
> >>>>> IaaS Cloud Design & Build<
> >>>>> http://shapeblue.com/iaas-cloud-design-and-build//>
> >>>>> CSForge – rapid IaaS deployment framework<
> >>> http://shapeblue.com/csforge/>
> >>>>> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> >>>>> CloudStack Software Engineering<
> >>>>> http://shapeblue.com/cloudstack-software-engineering/>
> >>>>> CloudStack Infrastructure Support<
> >>>>> http://shapeblue.com/cloudstack-infrastructure-support/>
> >>>>> CloudStack Bootcamp Training Courses<
> >>>>> http://shapeblue.com/cloudstack-training/>
> >>>>>
> >>>>> This email and any attachments to it may be confidential and are
> >>> intended
> >>>>> solely for the use of the individual to whom it is addressed. Any
> >>> views or
> >>>>> opinions expressed are solely those of the author and do not
> >>> necessarily
> >>>>> represent those of Shape Blue Ltd or related companies. If you are
> not
> >>> the
> >>>>> intended recipient of this email, you must neither take any action
> >>> based
> >>>>> upon its contents, nor copy or show it to anyone. Please contact
the
> >>> sender
> >>>>> if you believe you have received this email in error. Shape Blue
Ltd
> >>> is a
> >>>>> company incorporated in England & Wales. ShapeBlue Services
India LLP
> >>> is a
> >>>>> company incorporated in India and is operated under license from
> Shape
> >>> Blue
> >>>>> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
in
> >>> Brasil
> >>>>> and is operated under license from Shape Blue Ltd. ShapeBlue SA
Pty
> >>> Ltd is
> >>>>> a company registered by The Republic of South Africa and is traded
> >>> under
> >>>>> license from Shape Blue Ltd. ShapeBlue is a registered trademark.
> >>>
> >>
> >>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message