cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com>
Subject Re: security group and xenserver query
Date Thu, 27 Nov 2014 11:56:14 GMT
Hi Tejas,

If you run the /opt/cloud/bin/copy_vhd_from_secondarystorage.sh script in xenserver by uncommenting
'set -x' will give the reasons for failure.
#/opt/cloud/bin/copy_vhd_from_secondarystorage.sh '10.3.4.40:/ibm/CloudSecondary/template/tmpl/1/1/'
'4436b39f-2d6b-d0ab-9074-f56daefd2f70' 'cloud-b25f990a-a1fc-459b-87d5-faedf0335031'



  1.
Nov 27 16:18:16 cloud-host1 SM: [4394] ['bash', '/opt/cloud/bin/copy_vhd_from_secondarystorage.sh',
'10.3.4.40:/ibm/CloudSecondary/template/tmpl/1/1/', '4436b39f-2d6b-d0ab-9074-f56daefd2f70',
'cloud-b25f990a-a1fc-459b-87d5-faedf0335031']
  2.
Nov 27 16:18:16 cloud-host1 SM: [4394]   pread SUCCESS
  3.
Nov 27 16:18:17 cloud-host1 SM: [4457] ['bash', '/opt/cloud/bin/kill_copy_process.sh', '']

Thanks,
Jayapl
On 27-Nov-2014, at 5:20 PM, Jayapal Reddy Uradi <jayapalreddy.uradi@citrix.com<mailto:jayapalreddy.uradi@citrix.com>>
 wrote:

Hi Tejas,

Set executable permission to vhd-util
#chmod +x /opt/cloud/bin/vhd-util

After this hopefully next spin of ssvm will come up.

Thanks,
Jayapal
On 27-Nov-2014, at 5:10 PM, Tejas Sheth <tsheth.p@gmail.com<mailto:tsheth.p@gmail.com>>
wrote:

Hi Jayapal,

kindly find the output from above mention command. both location i have
copied vhd-util manually
#ls -l /opt/cloud/bin/vhd-util
-rw-r--r-- 1 root root 318977 Sep 19  2012 /opt/cloud/bin/vhd-util

# find /opt/ -iname vhd-util
/opt/cloud/bin/vhd-util
/opt/xensource/bin/vhd-util

Following is the link for SMlog.log in pastebin.com<http://pastebin.com>

http://pastebin.com/rzcmSbGJ


Thanks and regards,
Tejas

On Thu, Nov 27, 2014 at 4:31 PM, Jayapal Reddy Uradi <
jayapalreddy.uradi@citrix.com> wrote:

Hi Tejas,

Can also please send the corresponding xenserver logs /var/log/SMLog.
When this error is seen in the MS, at the same time take xenserver logs.
For this error xenserver logs will help.

What is the cloudstack version are you using ?

For your reference:
#find /opt/ -iname vhd-util
/opt/cloud/bin/vhd-util
#ls -l /opt/cloud/bin/vhd-util
-rwxr-xr-x 1 root root 318977 Sep 19  2012 /opt/cloud/bin/vhd-util


Thanks,
Jayapal

On 27-Nov-2014, at 4:18 PM, Tejas Sheth <tsheth.p@gmail.com>
wrote:

Hello Jayapal,


kindly find  cloudstack-management log link for pastebin.com

http://pastebin.com/VAgcfN05

Thanks.
Tejas

On Thu, Nov 27, 2014 at 12:24 PM, Jayapal Reddy Uradi <
jayapalreddy.uradi@citrix.com> wrote:

Please share full length of logs in pastebin.com to get the reason for
failure of the systemvm.
Along with the MS logs also check the host logs (/var/log/SMLog).

Check systemvm.iso is present in the host.

Thanks,
Jayapal


On 27-Nov-2014, at 11:49 AM, Tejas Sheth <tsheth.p@gmail.com>
wrote:

Hello Guyz,

We are facing issue starting system VM. deployment is in production so
really need your help. following is the log entry for the error and
detail
of the issue is defiend in my previous mail trail.

2014-11-26 21:45:31,516 ERROR [c.c.v.VirtualMachineManagerImpl]
(secstorage-1:ctx-6761d068) Failed to start instance
VM[SecondaryStorageVm|s-10-VM]
2014-11-26 21:46:01,499 ERROR [c.c.v.VirtualMachineManagerImpl]
(secstorage-1:ctx-1085a3ab) Failed to start instance
VM[SecondaryStorageVm|s-11-VM]

Catch Exception com.cloud.utils.exception.CloudRuntimeException for
template +  due to com.cloud.utils.exception.CloudRuntimeException: can
not
create vdi in sr 3e1f2113-438a-05e7-1b46-4c9b14d56144
com.cloud.utils.exception.CloudRuntimeException: can not create vdi in
sr
3e1f2113-438a-05e7-1b46-4c9b14d56144
2014-11-27 00:00:25,075 INFO  [o.a.c.s.v.VolumeServiceImpl]
(secstorage-1:ctx-b64088a4) Unable to acquire lock on
VMTemplateStoragePool
684


Exception while trying to start secondary storage vm
com.cloud.exception.AgentUnavailableException: Resource [Host:2] is
unreachable: Host 2: Unable to start instance due to null
2014-11-26 21:43:31,828 INFO  [c.c.s.s.SecondaryStorageManagerImpl]
(secstorage-1:ctx-be9596e4) Unable to start secondary storage vm for
standby capacity, secStorageVm vm Id : 6, will recycle it and start a
new
one

Appriciate an immidiate help for above issue.


Thanks,
Tejas

On Nov 27, 2014 1:51 AM, "Geoff Higginbottom" <
geoff.higginbottom@shapeblue.com> wrote:

Sorry Nux, but YES there are Customer Specific VLANs in a Security
Group
enabled Advanced Zone.

When you create an Advanced Zone with Security Groups you initially
create
a 'default guest network' and you allocate a VLAN and IP range to this
network.  This is then used by System VMs and can also be used by all
Accounts.

However you can then, as a Root Admin, create additional Guest
Networks
using the 'Offering for shared security group enabled networks' and
dedicate this to a Domain or an Account. When doing so you allocate a
different VLAN for each additional Guest Network.

The IP range allocated to each network can be either a true Public IP
range OR a Private IP range fronted by a Router/Firewall/Load Balancer
etc
but this will be outside of CloudStack control.

So to answer the original question it is possible to allocate a
separate
VLAN to each Guest Network and if required to front this network with
a
Load Balancer and Firewall to provide additional services, but you
need
to
manage these devices separately so is not a typical configuration for
a
Public Cloud, but could be used in a Private Cloud.

Kind Regards

Geoff Higginbottom
CTO / Cloud Architect

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com | www.shapeblue.com |
Twitter:@shapeblue

ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS


________________________________________
From: Nux! <nux@li.nux.ro>
Sent: 26 November 2014 10:46
To: users@cloudstack.apache.org
Subject: Re: security group and xenserver query

No, in Advanced Zone with SG - just like in Basic zone - there is no
per
customer VLAN; there are no firewall, load balancer or additional
NICs;
there is also no IPv6.

A VM will just get a public IP via DHCP and that's it, the customers
are
isolated via "security groups" which is a fancy name for iptables
rules.

Hope this clears it up.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

----- Original Message -----
From: "Tejas Sheth" <tsheth.p@gmail.com>
To: users@cloudstack.apache.org
Sent: Wednesday, 26 November, 2014 10:14:11
Subject: Re: security group and xenserver query

Thanks for simplification,
so it means that each account will have seprate VLAN with its own
subnet
and those VLANs will be created and configured in physical switch?

if architecture is above mentioned way configured then how can we
achieve
NAT and loadbalancing?

Thanks
Tejas


On Wed, Nov 26, 2014 at 3:28 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

I like to think of Advanced Network with SG as simply multiple Basic
Networks, each on its own VLAN. You have the same features (or
rather
lack
of) as you would with a Basic Zone, but you have multiple Guest
Networks.

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com

-----Original Message-----
From: Tejas Sheth [mailto:tsheth.p@gmail.com]
Sent: 26 November 2014 09:53
To: users@cloudstack.apache.org
Subject: Re: security group and xenserver query

so NAT and loadbalancers are not possible if we use security group?

so it meanse there will be no internal and external IPs for VMs. is
it
correct?

On Wed, Nov 26, 2014 at 3:14 PM, Jayapal Reddy Uradi <
jayapalreddy.uradi@citrix.com> wrote:

For SG networks there is no public network.
We configure public ips for the guest network.

-Jayapal

On 26-Nov-2014, at 12:00 PM, Tejas Sheth <tsheth.p@gmail.com>
wrote:

Hello,

I have made the bridge configuration, but when i am selecting
advance zone. it is not showing public network configuration. only
guest and management is availabel. also internal CIDR ip
configuration is also not available.
i think it is cinverting to basic zone if we select security group
and xenserver as hypervisor.

Thanks
Tejas

On Tue, Nov 25, 2014 at 9:16 PM, Jayapal Reddy Uradi <
jayapalreddy.uradi@citrix.com> wrote:


For 6.2 you no need to install CSP. My typo mistake in last mail.
sysctl.conf is fine.


Thanks,
Jayapal

On 25-Nov-2014, at 8:45 PM, Tejas Sheth <tsheth.p@gmail.com>
wrote:

Thanks,

So can i take it as confirmation and proceed with only following
bridge configuration in xenserver 6.2?

# xe-switch-network-backend bridge

# vi /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-arptables = 1

# sysctl -p /etc/sysctl.conf

Require confirmation for sysctl.cnf configuration part.

Thanks and regards,
Tejas

On Tue, Nov 25, 2014 at 8:31 PM, Vadim Kimlaychuk <
Vadim.Kimlaychuk@elion.ee
wrote:

XenServer does not need any package to be expicitly installed.
When
you
add host to CS it copies some files to the host itself and you
don't
need
to bother about them usually.

Vadim.

-----Original Message-----
From: Tejas Sheth [mailto:tsheth.p@gmail.com]
Sent: Tuesday, November 25, 2014 4:52 PM
To: users@cloudstack.apache.org
Subject: security group and xenserver query

Hello Jayapal,

Thanks for reply, I have understood the bridge configuration
part
but can you clarify CSP package part.

if CSP package comes with xenserver 6.2 then do we need to
install it explicitly?

It would be really helpful if you can send link to install CSP
in
xenserver 6.2 because CS 4.3 document do not have description
for
xenserver
6.2 CSP installation.

----------------------------------------------------------------
Hi Tejas,

The network mode set to 'bridge' mode.
#xe-switch-network-backend  bridge

I think Xenserver 6.2 comes with the CSP package, so you need
to
install
it explicitly.


Thanks,
Jayapal


On 25-Nov-2014, at 4:47 PM, Tejas Sheth <tsheth.p@gmail.com>
wrote:

Hello,

We are configuring advanced zone in cloudstack 4.3 in
xenserver
6.2.
we want to configure security group in advance zone. do we
have
to do any special configuration in xenserver 6.2.

xenserver has default networking configuration.

Thanks and regards,
Tejas





Find out more about ShapeBlue and our range of CloudStack related
services

IaaS Cloud Design & Build<
http://shapeblue.com/iaas-cloud-design-and-build//>
CSForge – rapid IaaS deployment framework<
http://shapeblue.com/csforge/

CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
CloudStack Software Engineering<
http://shapeblue.com/cloudstack-software-engineering/>
CloudStack Infrastructure Support<
http://shapeblue.com/cloudstack-infrastructure-support/>
CloudStack Bootcamp Training Courses<
http://shapeblue.com/cloudstack-training/>

This email and any attachments to it may be confidential and are
intended
solely for the use of the individual to whom it is addressed. Any
views
or
opinions expressed are solely those of the author and do not
necessarily
represent those of Shape Blue Ltd or related companies. If you are
not
the
intended recipient of this email, you must neither take any action
based
upon its contents, nor copy or show it to anyone. Please contact the
sender
if you believe you have received this email in error. Shape Blue Ltd
is
a
company incorporated in England & Wales. ShapeBlue Services India
LLP
is a
company incorporated in India and is operated under license from
Shape
Blue
Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in
Brasil
and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty
Ltd
is
a company registered by The Republic of South Africa and is traded
under
license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Find out more about ShapeBlue and our range of CloudStack related
services

IaaS Cloud Design & Build<
http://shapeblue.com/iaas-cloud-design-and-build//>
CSForge – rapid IaaS deployment framework<
http://shapeblue.com/csforge/

CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
CloudStack Software Engineering<
http://shapeblue.com/cloudstack-software-engineering/>
CloudStack Infrastructure Support<
http://shapeblue.com/cloudstack-infrastructure-support/>
CloudStack Bootcamp Training Courses<
http://shapeblue.com/cloudstack-training/>

This email and any attachments to it may be confidential and are
intended
solely for the use of the individual to whom it is addressed. Any
views
or
opinions expressed are solely those of the author and do not
necessarily
represent those of Shape Blue Ltd or related companies. If you are not
the
intended recipient of this email, you must neither take any action
based
upon its contents, nor copy or show it to anyone. Please contact the
sender
if you believe you have received this email in error. Shape Blue Ltd
is
a
company incorporated in England & Wales. ShapeBlue Services India LLP
is a
company incorporated in India and is operated under license from Shape
Blue
Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in
Brasil
and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty
Ltd
is
a company registered by The Republic of South Africa and is traded
under
license from Shape Blue Ltd. ShapeBlue is a registered trademark.








Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message