Jenkins build is still unstable: simulator-singlerun #206

[jenkins]

See 

[GitHub] cloudstack-docs-rn pull request: Fixed assorted typos.

[asfgit]

Github user asfgit closed the pull request at:

https://github.com/apache/cloudstack-docs-rn/pull/17


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: [MERGE] Merge saml2 branch to master

[Sebastien Goasguen]

On Aug 25, 2014, at 11:34 AM, Rohit Yadav  wrote:

> Hi all,
> 
> I would like to merge SAML2 SSO/SLO integration with CloudStack.
> 
> This auth mechanism is implemented as a plugin with special auth cmds that 
> uses an auth framework 
> (https://cwiki.apache.org/confluence/display/CLOUDSTACK/Authentication+Refactoring)
>  to get the pluggability. The present implementation has addressed several 
> open ended questions and was tested to work with feido’s public IdP whose 
> params are also set as default config params. Future iterations will try to 
> solve few leftover agenda as mentioned on the FS.
> 
> Using John Burwell’s recommendation, I’ve not used Spring SAML extension but 
> instead used the OpenSAML library and the inbuilt BountyCastle infra for 
> auth/X509 stuff.
> 
> The major limitation which is by design is that it will work on with HTTP 
> redirections bindings (won’t support SOAP and other resolution protocols as 
> per SAML2 spec) and x509 signature/usage needs to be improved using either 
> CloudStack’s own JKS keystore or create keys in the keystore table when the 
> plugin is configured.
> 
> More more information please read the proposal, FS and feel free to ask 
> questions.
> 
> Branch: saml2
> Proposal: http://markmail.org/message/4ba4ztmqpud3l4uo
> JIRA ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-7083
> FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/SAML+2.0+Plugin
> Unit tests: Tests for each auth cmd class, SAMLUtils and SAMLAuthenticator, 
> fixes unit test for ApiServlet

What's the unit test coverage ?

> Build status: clean build works with unit tests, testing using mvn3.0.5 and 
> jdk 1.7
> 

Can you add some Marvin/integration tests ?

> Compare/diff: https://github.com/apache/cloudstack/compare/master...saml2
> 
> As agreed per the branch expectations, I’ll go ahead with the merge after 72 
> hours, i.e. on/after Wednesday evening.
> 
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +41 779015219 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> 
> 
> 
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Infrastructure 
> Support
> CloudStack Bootcamp Training 
> Courses
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
> registered by The Republic of South Africa and is traded under license from 
> Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Review Request 24779: [CLOUDSTACK-6254] Template disappears when download cleanup

[Sebastien Goasguen]

> On Aug. 25, 2014, 9:12 p.m., David Bierce wrote:
> >

Let me know if your patch should be applied to 4.3 as well, as I am preparing 
4.3.1


- Sebastien


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/24779/#review51442
---


On Aug. 17, 2014, 3:02 a.m., David Bierce wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/24779/
> ---
> 
> (Updated Aug. 17, 2014, 3:02 a.m.)
> 
> 
> Review request for cloudstack.
> 
> 
> Bugs: CLOUDSTACK-6254
> https://issues.apache.org/jira/browse/CLOUDSTACK-6254
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> PATCH] This is a quick stab at fixing a dataloss bug.  The ultimate
>  solution is to refactor UploadManager to not use any deprecated code. It
>  appears there is still code left over that uses the UploadVO/Dao which no
>  long contains data about URL transfers.  This method was hardcoded to always
>  pass Upload.Type.VOLUME as part of cleanup which was causing templates to be
>  removed entirely from secondary storage not just the symlink on secondary
>  storage.
> 
> Rather than try to refactor all of it out, this puts
> logic for determining if the cleanup task is for a volume or a template
> by doing a lookup on the URL.  It is a duplication of the same logic
> from the calling method but is a very minimal code change until the
> large problem is fixed.
> 
> 
> Diffs
> -
> 
>   
> plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
>  4796653 
> 
> Diff: https://reviews.apache.org/r/24779/diff/
> 
> 
> Testing
> ---
> 
> On Cloudstack 4.2 4.3
> Set cleanupurl to 30 seconds.  Downloaded a template, cleanup remvoed it from 
> database, didn't remove the template.
> Downloaded Volume, volume was cleaned up from secondary stoage and database.
> 
> 
> Thanks,
> 
> David Bierce
> 
>

Re: Review Request 25023: CLOUDSTACK-7405: Allow VR metadata to be accessed without trailing slash

[Sebastien Goasguen]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25023/#review51511
---


applied to 4.3 with b3bfe21cf1e3c73ebdc6b597f32558b63b2fe519

we can wait for Wido and Daan to pick it up for master and 4.4 before closing 
the review and the bug

- Sebastien Goasguen


On Aug. 25, 2014, 7:55 p.m., Erik Weber wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25023/
> ---
> 
> (Updated Aug. 25, 2014, 7:55 p.m.)
> 
> 
> Review request for cloudstack, Marcus Sorensen, Sebastien Goasguen, and Wido 
> den Hollander.
> 
> 
> Bugs: CLOUDSTACK-7405
> https://issues.apache.org/jira/browse/CLOUDSTACK-7405
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> As per https://issues.apache.org/jira/browse/CLOUDSTACK-7405 cloud-init 
> expects to be able to get meta-data directory without using a trailing slash.
> 
> Ultimately this should be fixed in cloud-init, but it's an unintrusive fix in 
> cloudstack
> 
> 
> Diffs
> -
> 
>   systemvm/patches/debian/config/opt/cloud/bin/vmdata.py f508032 
> 
> Diff: https://reviews.apache.org/r/25023/diff/
> 
> 
> Testing
> ---
> 
> tested with curl that both new and old url works
> 
> [root@jenkins ~]# curl -I -s 10.30.81.1/latest/meta-data/vm-id | grep HTTP
> HTTP/1.1 200 OK
> [root@jenkins ~]# curl -I -s 10.30.81.1/latest/meta-data | grep HTTP
> HTTP/1.1 200 OK
> 
> 
> Thanks,
> 
> Erik Weber
> 
>

Re: cloud-init issue

[Sebastien Goasguen]

I applied a new patch from Erik that fixes all URL, as reported by Carlos.

@Nux could you grab 4.3 source and test it with your templates…making sure it 
works with cloud-init ?

thanks,

On Aug 25, 2014, at 6:07 PM, Carlos Reátegui  wrote:

> 
> On Aug 25, 2014, at 12:32 PM, Erik Weber  wrote:
> 
>> On Mon, Aug 25, 2014 at 6:02 PM, Carlos Reátegui 
>> wrote:
>> 
>>> Not sure about this ‘fix’.  If the goal is to match AWS here is the way it
>>> works compared to 4.3.
>>> 
>>> 
>> The actual fix was just for the reported url, ie. meta-data
>> 
>> 
>>> 1) /latest/user-data
>>> 
>>> On AWS one can query /latest/user-data with or without the trailing slash
>>> and BOTH return the user-data
>>> 
>>> On ACS 4.3 /latest/user-data works but with trailing / returns a 404.
>>> 
>>> 2) /latest/meta-data
>>> 
>>> On AWS /latest/meta-data returns a 301 pointing to trailing / version.
>>> With a trailing slash it return the meta-data objects available.
>>> 
>>> 
>> Is it required to respons with 301, or is 200 with the actual content ok?
> I would think 200 with actual content is ok.
> 
>> 
>> 
>>> On ACS 4.3 /latest/meta-data returns 404. With a trailing slash it returns
>>> the meta-data objects available.
>>> 
>>> 3) /latest/meta-data/
>>> 
>>> On AWS with and without / returns the object value(s)
>>> 
>>> On ACS 4.3 without a / it returns the value.  With the / it returns a 404.
>>> 
>> 
>> 
>> I'll work on an improved patch that fixes all the URLs.
>> 
>> Erik
> 

Re: cloud-init issue

[Nux!]

Right, so basically I need to grab the latest 4.3 systevm templates? As I 
understand it that's where the modifications took place.

Lucian


--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro


- Original Message -
> From: "Sebastien Goasguen" 
> To: dev@cloudstack.apache.org, "Nux!" 
> Sent: Tuesday, 26 August, 2014 10:06:41 AM
> Subject: Re: cloud-init issue
> 
> I applied a new patch from Erik that fixes all URL, as reported by Carlos.
> 
> @Nux could you grab 4.3 source and test it with your templates…making sure it
> works with cloud-init ?
> 
> thanks,
> 
> On Aug 25, 2014, at 6:07 PM, Carlos Reátegui  wrote:
> 
> > 
> > On Aug 25, 2014, at 12:32 PM, Erik Weber  wrote:
> > 
> >> On Mon, Aug 25, 2014 at 6:02 PM, Carlos Reátegui 
> >> wrote:
> >> 
> >>> Not sure about this ‘fix’.  If the goal is to match AWS here is the way
> >>> it
> >>> works compared to 4.3.
> >>> 
> >>> 
> >> The actual fix was just for the reported url, ie. meta-data
> >> 
> >> 
> >>> 1) /latest/user-data
> >>> 
> >>> On AWS one can query /latest/user-data with or without the trailing slash
> >>> and BOTH return the user-data
> >>> 
> >>> On ACS 4.3 /latest/user-data works but with trailing / returns a 404.
> >>> 
> >>> 2) /latest/meta-data
> >>> 
> >>> On AWS /latest/meta-data returns a 301 pointing to trailing / version.
> >>> With a trailing slash it return the meta-data objects available.
> >>> 
> >>> 
> >> Is it required to respons with 301, or is 200 with the actual content ok?
> > I would think 200 with actual content is ok.
> > 
> >> 
> >> 
> >>> On ACS 4.3 /latest/meta-data returns 404. With a trailing slash it
> >>> returns
> >>> the meta-data objects available.
> >>> 
> >>> 3) /latest/meta-data/
> >>> 
> >>> On AWS with and without / returns the object value(s)
> >>> 
> >>> On ACS 4.3 without a / it returns the value.  With the / it returns a
> >>> 404.
> >>> 
> >> 
> >> 
> >> I'll work on an improved patch that fixes all the URLs.
> >> 
> >> Erik
> > 
> 
> 

Build failed in Jenkins: cloudstack-4.3-maven-build-noredist #454

[jenkins]

See 


Changes:

[runseb] CLOUDSTACK-7405: Allow all VR urls to be accessed without trailing 
slash

--
Started by upstream project "cloudstack-4.3-maven-build" build number 562
originally caused by:
 Started by an SCM change
[EnvInject] - Loading node environment variables.
Building remotely on cloudstack-buildslave-centos6-e8b 
(cloudstack-buildslave-centos6) in workspace 

Fetching changes from the remote Git repository
Fetching upstream changes from git://git.apache.org/cloudstack.git
Checking out Revision b3bfe21cf1e3c73ebdc6b597f32558b63b2fe519 (origin/4.3)
[copy-to-slave] Copying 'cloudstack-nonoss-deps.tgz', excluding nothing, from 
'file:/var/lib/jenkins/userContent/' on the master to 
' 
on 'cloudstack-buildslave-centos6-e8b'.
[cloudstack-4.3-maven-build-noredist] $ 
/jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven-3.1.1/bin/mvn clean
[INFO] Scanning for projects...
Downloading: 
http://repo.maven.apache.org/maven2/org/apache/cloudstack/cloudstack/4.3.0/cloudstack-4.3.0.pom

[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]   
[ERROR]   The project org.apache.cloudstack:xapi:5.6.100-1-SNAPSHOT 
(
 has 1 error
[ERROR] Non-resolvable parent POM: Could not find artifact 
org.apache.cloudstack:cloudstack:pom:4.3.0 in central 
(http://repo.maven.apache.org/maven2) and 'parent.relativePath' points at wrong 
local POM @ line 21, column 11 -> [Help 2]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e 
switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please 
read the following articles:
[ERROR] [Help 1] 
http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] 
http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
Build step 'Invoke top-level Maven targets' marked build as failure
[FINDBUGS] Skipping publisher since build result is FAILURE
Archiving artifacts

Re: cloud-init issue

[Sebastien Goasguen]

On Aug 26, 2014, at 5:06 AM, Nux!  wrote:

> Right, so basically I need to grab the latest 4.3 systevm templates? As I 
> understand it that's where the modifications took place.
> 

I suppose you can do it that way :) just make sure they have the change in 
there. I just pushed it.
commit b3bfe21cf1e3c73ebdc6b597f32558b63b2fe519
in 4.3 branch

> Lucian
> 
> 
> --
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro
> 
> 
> - Original Message -
>> From: "Sebastien Goasguen" 
>> To: dev@cloudstack.apache.org, "Nux!" 
>> Sent: Tuesday, 26 August, 2014 10:06:41 AM
>> Subject: Re: cloud-init issue
>> 
>> I applied a new patch from Erik that fixes all URL, as reported by Carlos.
>> 
>> @Nux could you grab 4.3 source and test it with your templates…making sure it
>> works with cloud-init ?
>> 
>> thanks,
>> 
>> On Aug 25, 2014, at 6:07 PM, Carlos Reátegui  wrote:
>> 
>>> 
>>> On Aug 25, 2014, at 12:32 PM, Erik Weber  wrote:
>>> 
 On Mon, Aug 25, 2014 at 6:02 PM, Carlos Reátegui 
 wrote:
 
> Not sure about this ‘fix’.  If the goal is to match AWS here is the way
> it
> works compared to 4.3.
> 
> 
 The actual fix was just for the reported url, ie. meta-data
 
 
> 1) /latest/user-data
> 
> On AWS one can query /latest/user-data with or without the trailing slash
> and BOTH return the user-data
> 
> On ACS 4.3 /latest/user-data works but with trailing / returns a 404.
> 
> 2) /latest/meta-data
> 
> On AWS /latest/meta-data returns a 301 pointing to trailing / version.
> With a trailing slash it return the meta-data objects available.
> 
> 
 Is it required to respons with 301, or is 200 with the actual content ok?
>>> I would think 200 with actual content is ok.
>>> 
 
 
> On ACS 4.3 /latest/meta-data returns 404. With a trailing slash it
> returns
> the meta-data objects available.
> 
> 3) /latest/meta-data/
> 
> On AWS with and without / returns the object value(s)
> 
> On ACS 4.3 without a / it returns the value.  With the / it returns a
> 404.
> 
 
 
 I'll work on an improved patch that fixes all the URLs.
 
 Erik
>>> 
>> 
>> 

Re: [MERGE] Merge saml2 branch to master

[Rohit Yadav]

Hi Sebastien,

On 26-Aug-2014, at 10:38 am, Sebastien Goasguen  wrote:
> What's the unit test coverage ?

Class, %Method, %Line, %
SAMLUtils100% (1/ 1)80% (8/ 10)75% (66/ 88)
SAML2UserAuthenticator100% (1/ 1)100% (4/ 4)84.6% (11/ 13)
SAML2LoginAPIAuthenticatorCmd100% (1/ 1)45.5% (5/ 11)50.8% (63/ 124)
SAML2LoginAPIAuthenticatorCmdTest100% (1/ 1)100% (4/ 4)98.6% (72/ 73)
SAML2LogoutAPIAuthenticatorCmd100% (1/ 1)62.5% (5/ 8)35.3% (18/ 51)
SAML2LogoutAPIAuthenticatorCmdTest100% (1/ 1)100% (3/ 3)100% (26/ 26)
SAML2AuthManagerImpl0% (0/ 1)0% (0/ 12)0% (0/ 60)

(The last one, auth manager is an adapter which is injected by Spring to an api 
auth manager, the start() method of which depends on fetching metadata from 
external IdP so may not be unit tested).

Existing contract of ApiServlet and other classes and their external interfaces 
have not changed. ApiServlet’s test cases were fixed.

> Can you add some Marvin/integration tests ?

Depends on external entity, IdP, will be difficult to write and I don’t know 
how.
The saml plugin’s external operation consists of redirecting user to IdP for 
authentication when samlsso or samlslo apis are called. Selenium tests could be 
written but we don’t have any such infra or existing tests yet.

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +41 779015219 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: [MERGE] Merge saml2 branch to master

[Sebastien Goasguen]

On Aug 26, 2014, at 5:41 AM, Rohit Yadav  wrote:

> Hi Sebastien,
> 
> On 26-Aug-2014, at 10:38 am, Sebastien Goasguen  wrote:
>> What's the unit test coverage ?
> 
> Class, %Method, %Line, %
> SAMLUtils100% (1/ 1)80% (8/ 10)75% (66/ 88)
> SAML2UserAuthenticator100% (1/ 1)100% (4/ 4)84.6% (11/ 13)
> SAML2LoginAPIAuthenticatorCmd100% (1/ 1)45.5% (5/ 11)50.8% (63/ 124)
> SAML2LoginAPIAuthenticatorCmdTest100% (1/ 1)100% (4/ 4)98.6% (72/ 73)
> SAML2LogoutAPIAuthenticatorCmd100% (1/ 1)62.5% (5/ 8)35.3% (18/ 51)
> SAML2LogoutAPIAuthenticatorCmdTest100% (1/ 1)100% (3/ 3)100% (26/ 26)
> SAML2AuthManagerImpl0% (0/ 1)0% (0/ 12)0% (0/ 60)
> 
> (The last one, auth manager is an adapter which is injected by Spring to an 
> api auth manager, the start() method of which depends on fetching metadata 
> from external IdP so may not be unit tested).
> 
> Existing contract of ApiServlet and other classes and their external 
> interfaces have not changed. ApiServlet’s test cases were fixed.
> 
>> Can you add some Marvin/integration tests ?
> 
> Depends on external entity, IdP, will be difficult to write and I don’t know 
> how.
> The saml plugin’s external operation consists of redirecting user to IdP for 
> authentication when samlsso or samlslo apis are called. Selenium tests could 
> be written but we don’t have any such infra or existing tests yet.

we do have some selenium tests in /test/selenium but I don't think they are 
being run.

+1 from me (satisfied with your answers)


> 
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +41 779015219 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> 
> 
> 
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Infrastructure 
> Support
> CloudStack Bootcamp Training 
> Courses
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
> registered by The Republic of South Africa and is traded under license from 
> Shape Blue Ltd. ShapeBlue is a registered trademark.

Jenkins build is still unstable: simulator-singlerun #207

[jenkins]

See 

Re: Review Request 25017: Disabling VPC tests on Hyper-v

[sanjeev n]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25017/
---

(Updated Aug. 26, 2014, 10 a.m.)


Review request for cloudstack, John Dilley, Santhosh Edukulla, and 
SrikanteswaraRao Talluri.


Repository: cloudstack-git


Description
---

skipping VPC tests on Hyper-v. Made changes to following test scripts to skip 
VPC tests on Hyper-v :
/test/integration/smoke/test_network_acl.py 
b/test/integration/smoke/test_network_acl.py
/test/integration/smoke/test_privategw_acl.py 
b/test/integration/smoke/test_privategw_acl.py
test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py


Diffs
-

  test/integration/smoke/test_network_acl.py 015ebab 
  test/integration/smoke/test_privategw_acl.py cf0f8e3 
  test/integration/smoke/test_vpc_vpn.py 9e8f97f 

Diff: https://reviews.apache.org/r/25017/diff/


Testing
---

Yes


Thanks,

sanjeev n

Re: [MERGE] Merge saml2 branch to master

[Rohit Yadav]

On 26-Aug-2014, at 11:47 am, Sebastien Goasguen  wrote:
> we do have some selenium tests in /test/selenium but I don't think they are 
> being run.
>
> +1 from me (satisfied with your answers)

Thanks! Few more classes;

Class, %Method, %Line, %
GetServiceProviderMetaDataCmd100% (1/ 1)62.5% (5/ 8)77.9% (53/ 68)
SAMLMetaDataResponse100% (1/ 1)66.7% (2/ 3)80% (4/ 5)

>From IntelliJ: http://people.apache.org/~bhaisaab/samlcoverage.png

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +41 779015219 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: S3/Swift Problem around Virtual Size

[Francois Gaudreault]

Punith,

We are using Swift. We have a tmpauth proxy.

FG
On Aug 26, 2014 2:48 AM, "Punith S"  wrote:

> sure mike,
>
> since i don't have a S3 account, i'm getting one today.
>
> francois, can you brief me how you seeded your templates into S3.
>
> thanks!
>
>
> On Mon, Aug 25, 2014 at 11:16 PM, Mike Tutkowski <
> mike.tutkow...@solidfire.com> wrote:
>
>> Yes, I expect we'll see the same issue with S3, as well.
>>
>> Punith - Is this something you might have time to investigate? Perhaps
>> Edison can point us in the right direction here.
>>
>>
>> On Mon, Aug 25, 2014 at 5:17 AM, Francois Gaudreault <
>> fgaudrea...@cloudops.com> wrote:
>>
>> > Punith,
>> >
>> > I highly anticipate the same issue with S3... it shares a lot of code
>> with
>> > swift.
>> >
>> > My focus would be swift, but we should fix for both :)
>> >
>> > FG
>> > On Aug 25, 2014 6:33 AM, "Punith S"  wrote:
>> >
>> > > thanks for opening this thread mike,
>> > >
>> > > since i only use nfs as my secondary storage provider, i didn't see
>> this
>> > > issue till date.
>> > >
>> > > is this issue occurring even using a S3 secondary storage with staging
>> > nfs
>> > > store ?
>> > >
>> > > if so like edison pointed we need to fetch the virtual size from the
>> nfs
>> > > store instead of S3 in the deploymentmanager.
>> > >
>> > > thanks
>> > >
>> > >
>> > > On Sat, Aug 23, 2014 at 3:45 AM, Mike Tutkowski <
>> > > mike.tutkow...@solidfire.com> wrote:
>> > >
>> > > > Hey Edison,
>> > > >
>> > > > Do you know how difficult/easy of a fix this is, who might be
>> available
>> > > to
>> > > > put this fix in, and for what release (hopefully 4.4.1) this fix
>> could
>> > > find
>> > > > its way in?
>> > > >
>> > > > Thanks!
>> > > > Mike
>> > > >
>> > > >
>> > > > On Fri, Aug 22, 2014 at 3:37 PM, Francois Gaudreault <
>> > > > fgaudrea...@cloudops.com> wrote:
>> > > >
>> > > > > Min,
>> > > > >
>> > > > > Ok, but this is not the behavior I see. Even without requesting a
>> VM
>> > > > > create, the template is pushed to the staging NFS at least once.
>> Is
>> > it
>> > > > > downloaded there or pushed after download, that I am not sure. I
>> was
>> > > > > assuming the swift upload bash script was executed after the
>> template
>> > > is
>> > > > on
>> > > > > the staging.
>> > > > >
>> > > > > Anyway... the focus is on the virt size, and you all know the code
>> > > better
>> > > > > than I do :)
>> > > > >
>> > > > > FG
>> > > > > On Aug 22, 2014 5:28 PM, "Min Chen"  wrote:
>> > > > >
>> > > > >> No. For S3/Swift, register template will directly upload
>> templates
>> > to
>> > > S3
>> > > > >> without going through staging NFS. It will only be copied to
>> staging
>> > > NFS
>> > > > >> when we first use that template to provision a VM.
>> > > > >>
>> > > > >> Thanks
>> > > > >> -min
>> > > > >>
>> > > > >> On 8/22/14 2:25 PM, "Francois Gaudreault" <
>> fgaudrea...@cloudops.com
>> > >
>> > > > >> wrote:
>> > > > >>
>> > > > >> >Edison,
>> > > > >> >
>> > > > >> >Isnt the templates downloaded to the Staging NFS first?
>> > > > >> >
>> > > > >> >FG
>> > > > >> >On Aug 22, 2014 5:20 PM, "Edison Su" 
>> wrote:
>> > > > >> >
>> > > > >> >> I know the reason why the size of template doesn¹t have
>> correct
>> > > > virtual
>> > > > >> >> size if it¹s registered in S3/Swift:
>> > > > >> >> In case of s3/swift, the template is directly stored into
>> > s3/swift
>> > > > >> >>through
>> > > > >> >> swift/s3 api, there is no place for cloudstack to look into
>> > > template,
>> > > > >> to
>> > > > >> >> find out the virtual size during template registration.
>> > > > >> >> While, if secondary storage is NFS, the template is first
>> stored
>> > on
>> > > > >> >> NFS(which has file system), cloudstack can unzip the
>> template(if
>> > > > it¹s a
>> > > > >> >> zipped file), and read virtual size from the file, then report
>> > back
>> > > > to
>> > > > >> >>mgt
>> > > > >> >> server.
>> > > > >> >> In order to fix it, we can add some code as: all the templates
>> > > > >> >>registered
>> > > > >> >> on Swift/S3, need to be downloaded to a NFS intermediate
>> storage
>> > > > before
>> > > > >> >>it
>> > > > >> >> can be consumed by primary storage. After the download
>> finished,
>> > > then
>> > > > >> we
>> > > > >> >> check virtual size of template, and report back to mgt
>> > > server/update
>> > > > DB
>> > > > >> >>etc.
>> > > > >> >>
>> > > > >> >> From: Mike Tutkowski [mailto:mike.tutkow...@solidfire.com]
>> > > > >> >> Sent: Friday, August 22, 2014 1:38 PM
>> > > > >> >> To: dev@cloudstack.apache.org
>> > > > >> >> Cc: Edison Su
>> > > > >> >> Subject: S3/Swift Problem around Virtual Size
>> > > > >> >>
>> > > > >> >> Hi,
>> > > > >> >>
>> > > > >> >> This was brought up in a different e-mail thread, but I
>> wanted to
>> > > > make
>> > > > >> >>it
>> > > > >> >> more clear that it's related to CloudStack's download code
>> around
>> > > > >> >>S3/Swift,
>> > > > >> >> so I'm opening up a new thread.
>> > > > >> >>
>> > > > >> >> Francois (from

Access control

[Giri Prasad]

Hello,

 I have cs 4.1 running on ubuntu 12.04 LTS. I created a private zone, 2 domains 
like domain1/domain2, 2 domain admins (admin1 and admin2), and 1 user each in 
every domain: the admin names like admin1user and admin2user.

Uploaded 2 Iso's of centos and ubuntu using admin login, into the cloudstack 
env.  (Register ISO).


Logged in as (domain) admin1 in domain1 and created instance1 with apps, and 
created a template1 for this instance.  Then logged in as  (domain) admin1user 
in domain1, and the template1 is visible for instance creation.

Logged in as (domain) admin2 in domain2 and created instance2 with apps, and 
created a template2 for this instance.  Then logged in as  (domain) 
admin2user in domain2, and the template1 and template2 are both, visible for 
instance 
creation.

Logged in as  (domain) admin1user in domain1, now both template1 and template2 
are visible for instance 
creation.

 I want template1 to be available to domain1 only. And  template2 to be 
available to domain2 only.

Any ideas?

Thanks & Regards,
Giri

Re: S3/Swift Problem around Virtual Size

[Francois Gaudreault]

I mean we are populating the template just like we would do with normal NFS
using the UI.

ACS takes care of pushing to swift.

FG
On Aug 26, 2014 6:02 AM, "Francois Gaudreault" 
wrote:

> Punith,
>
> We are using Swift. We have a tmpauth proxy.
>
> FG
> On Aug 26, 2014 2:48 AM, "Punith S"  wrote:
>
>> sure mike,
>>
>> since i don't have a S3 account, i'm getting one today.
>>
>> francois, can you brief me how you seeded your templates into S3.
>>
>> thanks!
>>
>>
>> On Mon, Aug 25, 2014 at 11:16 PM, Mike Tutkowski <
>> mike.tutkow...@solidfire.com> wrote:
>>
>>> Yes, I expect we'll see the same issue with S3, as well.
>>>
>>> Punith - Is this something you might have time to investigate? Perhaps
>>> Edison can point us in the right direction here.
>>>
>>>
>>> On Mon, Aug 25, 2014 at 5:17 AM, Francois Gaudreault <
>>> fgaudrea...@cloudops.com> wrote:
>>>
>>> > Punith,
>>> >
>>> > I highly anticipate the same issue with S3... it shares a lot of code
>>> with
>>> > swift.
>>> >
>>> > My focus would be swift, but we should fix for both :)
>>> >
>>> > FG
>>> > On Aug 25, 2014 6:33 AM, "Punith S"  wrote:
>>> >
>>> > > thanks for opening this thread mike,
>>> > >
>>> > > since i only use nfs as my secondary storage provider, i didn't see
>>> this
>>> > > issue till date.
>>> > >
>>> > > is this issue occurring even using a S3 secondary storage with
>>> staging
>>> > nfs
>>> > > store ?
>>> > >
>>> > > if so like edison pointed we need to fetch the virtual size from the
>>> nfs
>>> > > store instead of S3 in the deploymentmanager.
>>> > >
>>> > > thanks
>>> > >
>>> > >
>>> > > On Sat, Aug 23, 2014 at 3:45 AM, Mike Tutkowski <
>>> > > mike.tutkow...@solidfire.com> wrote:
>>> > >
>>> > > > Hey Edison,
>>> > > >
>>> > > > Do you know how difficult/easy of a fix this is, who might be
>>> available
>>> > > to
>>> > > > put this fix in, and for what release (hopefully 4.4.1) this fix
>>> could
>>> > > find
>>> > > > its way in?
>>> > > >
>>> > > > Thanks!
>>> > > > Mike
>>> > > >
>>> > > >
>>> > > > On Fri, Aug 22, 2014 at 3:37 PM, Francois Gaudreault <
>>> > > > fgaudrea...@cloudops.com> wrote:
>>> > > >
>>> > > > > Min,
>>> > > > >
>>> > > > > Ok, but this is not the behavior I see. Even without requesting
>>> a VM
>>> > > > > create, the template is pushed to the staging NFS at least once.
>>> Is
>>> > it
>>> > > > > downloaded there or pushed after download, that I am not sure. I
>>> was
>>> > > > > assuming the swift upload bash script was executed after the
>>> template
>>> > > is
>>> > > > on
>>> > > > > the staging.
>>> > > > >
>>> > > > > Anyway... the focus is on the virt size, and you all know the
>>> code
>>> > > better
>>> > > > > than I do :)
>>> > > > >
>>> > > > > FG
>>> > > > > On Aug 22, 2014 5:28 PM, "Min Chen"  wrote:
>>> > > > >
>>> > > > >> No. For S3/Swift, register template will directly upload
>>> templates
>>> > to
>>> > > S3
>>> > > > >> without going through staging NFS. It will only be copied to
>>> staging
>>> > > NFS
>>> > > > >> when we first use that template to provision a VM.
>>> > > > >>
>>> > > > >> Thanks
>>> > > > >> -min
>>> > > > >>
>>> > > > >> On 8/22/14 2:25 PM, "Francois Gaudreault" <
>>> fgaudrea...@cloudops.com
>>> > >
>>> > > > >> wrote:
>>> > > > >>
>>> > > > >> >Edison,
>>> > > > >> >
>>> > > > >> >Isnt the templates downloaded to the Staging NFS first?
>>> > > > >> >
>>> > > > >> >FG
>>> > > > >> >On Aug 22, 2014 5:20 PM, "Edison Su" 
>>> wrote:
>>> > > > >> >
>>> > > > >> >> I know the reason why the size of template doesn¹t have
>>> correct
>>> > > > virtual
>>> > > > >> >> size if it¹s registered in S3/Swift:
>>> > > > >> >> In case of s3/swift, the template is directly stored into
>>> > s3/swift
>>> > > > >> >>through
>>> > > > >> >> swift/s3 api, there is no place for cloudstack to look into
>>> > > template,
>>> > > > >> to
>>> > > > >> >> find out the virtual size during template registration.
>>> > > > >> >> While, if secondary storage is NFS, the template is first
>>> stored
>>> > on
>>> > > > >> >> NFS(which has file system), cloudstack can unzip the
>>> template(if
>>> > > > it¹s a
>>> > > > >> >> zipped file), and read virtual size from the file, then
>>> report
>>> > back
>>> > > > to
>>> > > > >> >>mgt
>>> > > > >> >> server.
>>> > > > >> >> In order to fix it, we can add some code as: all the
>>> templates
>>> > > > >> >>registered
>>> > > > >> >> on Swift/S3, need to be downloaded to a NFS intermediate
>>> storage
>>> > > > before
>>> > > > >> >>it
>>> > > > >> >> can be consumed by primary storage. After the download
>>> finished,
>>> > > then
>>> > > > >> we
>>> > > > >> >> check virtual size of template, and report back to mgt
>>> > > server/update
>>> > > > DB
>>> > > > >> >>etc.
>>> > > > >> >>
>>> > > > >> >> From: Mike Tutkowski [mailto:mike.tutkow...@solidfire.com]
>>> > > > >> >> Sent: Friday, August 22, 2014 1:38 PM
>>> > > > >> >> To: dev@cloudstack.apache.org
>>> > > > >> >> Cc: Edison Su
>>> > > > >> >> Subject: S3/Swift Problem around Virt

Jenkins build is still unstable: simulator-singlerun #208

[jenkins]

See 

Ice bucket challenge

[Giles Sirett]

I thought it was about time we brought this into Cloudstack :)
http://youtu.be/drZlbehnlNY


Geoff, Chip, Steve,  & Sebastien - over to you

(I know my video is bad, but I aint doing it again)


Kind Regards
Giles

Giles Sirett
CEO

[Description: Mail Logo Bottom Align]

D: +44 20 3603 0541 | S: +44 20 3603 0540 | M: +44 796 111 2055

giles.sir...@shapeblue.com | 
www.shapeblue.com | 
Twitter:@shapeBlue


Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge - rapid IaaS deployment framework
CloudStack Consulting
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Ice bucket challenge

[Sebastien Goasguen]

I will have to decline until you pronounce my name properly :)

-Sebastien

> On 26 Aug 2014, at 13:18, Giles Sirett  wrote:
> 
> I thought it was about time we brought this into Cloudstack J
> http://youtu.be/drZlbehnlNY
>  
>  
> Geoff, Chip, Steve,  & Sebastien – over to you
>  
> (I know my video is bad, but I aint doing it again)
>  
>  
> Kind Regards
> Giles
>  
> Giles Sirett
> CEO
>  
> 
>  
> D: +44 20 3603 0541 | S: +44 20 3603 0540 | M: +44 796 111 2055
>  
> giles.sir...@shapeblue.com | www.shapeblue.com | Twitter:@shapeBlue
>  
>  
> Find out more about ShapeBlue and our range of CloudStack related services
> 
> IaaS Cloud Design & Build
> CSForge – rapid IaaS deployment framework
> CloudStack Consulting
> CloudStack Infrastructure Support
> CloudStack Bootcamp Training Courses
> 
> This email and any attachments to it may be confidential and are intended 
> solely for the use of the individual to whom it is addressed. Any views or 
> opinions expressed are solely those of the author and do not necessarily 
> represent those of Shape Blue Ltd or related companies. If you are not the 
> intended recipient of this email, you must neither take any action based upon 
> its contents, nor copy or show it to anyone. Please contact the sender if you 
> believe you have received this email in error. Shape Blue Ltd is a company 
> incorporated in England & Wales. ShapeBlue Services India LLP is a company 
> incorporated in India and is operated under license from Shape Blue Ltd. 
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
> registered by The Republic of South Africa and is traded under license from 
> Shape Blue Ltd. ShapeBlue is a registered trademark.

Jenkins build is still unstable: simulator-singlerun #209

[jenkins]

See 

Build failed in Jenkins: build-master-noredist #3396

[jenkins]

See 

--
Started by upstream project "build-master" build number 1472
originally caused by:
 Started by an SCM change
[EnvInject] - Loading node environment variables.
Building remotely on cloudstack-buildslave-centos6-e8b 
(cloudstack-buildslave-centos6) in workspace 

Fetching changes from the remote Git repository
Fetching upstream changes from 
https://git-wip-us.apache.org/repos/asf/cloudstack.git
ERROR: Timeout after 400 minutes
FATAL: Failed to fetch from 
https://git-wip-us.apache.org/repos/asf/cloudstack.git
hudson.plugins.git.GitException: Failed to fetch from 
https://git-wip-us.apache.org/repos/asf/cloudstack.git
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:625)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:847)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:872)
at hudson.model.AbstractProject.checkout(AbstractProject.java:1320)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.defaultCheckout(AbstractBuild.java:609)
at jenkins.scm.SCMCheckoutStrategy.checkout(SCMCheckoutStrategy.java:88)
at 
hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:518)
at hudson.model.Run.execute(Run.java:1688)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:88)
at hudson.model.Executor.run(Executor.java:231)
Caused by: hudson.plugins.git.GitException: Command "git fetch --tags 
--progress https://git-wip-us.apache.org/repos/asf/cloudstack.git 
+refs/heads/*:refs/remotes/origin/*" returned status code 128:
stdout: 
stderr: error: RPC failed; result=52, HTTP code = 100
error: fetch-pack died of signal 15

at 
org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:1086)
at 
org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:968)
at 
org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$200(CliGitAPIImpl.java:71)
at 
org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:197)
at 
org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$1.call(RemoteGitImpl.java:152)
at 
org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$1.call(RemoteGitImpl.java:145)
at hudson.remoting.UserRequest.perform(UserRequest.java:118)
at hudson.remoting.UserRequest.perform(UserRequest.java:48)
at hudson.remoting.Request$2.run(Request.java:328)
at 
hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:701)

RE: Ice bucket challenge

[Steve Roles]

I'll be following one of my heroes approach to this...

https://www.youtube.com/watch?v=Ju5VxyM3S4o

Regards,

Steve Roles

D: +44 20 3642 6102 | S: +44 20 3603 0540 
| M: +44 7770 745 036

steve.ro...@shapeblue.com

From: Giles Sirett
Sent: 26 August 2014 12:19
To: dev@cloudstack.apache.org
Cc: Steve Roles; Geoff Higginbottom; 'Chip Childers'; Sebastien Goasguen
Subject: Ice bucket challenge

I thought it was about time we brought this into Cloudstack :)
http://youtu.be/drZlbehnlNY


Geoff, Chip, Steve,  & Sebastien - over to you

(I know my video is bad, but I aint doing it again)


Kind Regards
Giles

Giles Sirett
CEO

[Description: Mail Logo Bottom Align]

D: +44 20 3603 0541 | S: +44 20 3603 0540 | M: +44 796 111 2055

giles.sir...@shapeblue.com | 
www.shapeblue.com | 
Twitter:@shapeBlue


Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge - rapid IaaS deployment framework
CloudStack Consulting
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Jenkins build is still unstable: simulator-singlerun #210

[jenkins]

See 

Jenkins build is back to normal : build-master-noredist #3397

[jenkins]

See 

Re: S3/Swift Problem around Virtual Size

[Punith S]

hi,

i'm trying to deploy a zone with S3 alongside an empty staging nfs store as
the secondary storage,

does anyone have idea about how to seed the s3 secondary storage with ssvm
templates to bring up the secondary storage VM ?

like in nfs we seed nfs sec store by running this script

/usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt \
-m /mnt/secondary \
-u 
http://cloudstack.apt-get.eu/systemvm/4.4/systemvm64template-4.4.0-6-xen.vhd.bz2
\
-h xenserver \
-s  \
-F

should i seed the staging nfs with the above script ?

thanks



On Tue, Aug 26, 2014 at 4:00 PM, Francois Gaudreault <
fgaudrea...@cloudops.com> wrote:

> I mean we are populating the template just like we would do with normal
> NFS using the UI.
>
> ACS takes care of pushing to swift.
>
> FG
> On Aug 26, 2014 6:02 AM, "Francois Gaudreault" 
> wrote:
>
>> Punith,
>>
>> We are using Swift. We have a tmpauth proxy.
>>
>> FG
>> On Aug 26, 2014 2:48 AM, "Punith S"  wrote:
>>
>>> sure mike,
>>>
>>> since i don't have a S3 account, i'm getting one today.
>>>
>>> francois, can you brief me how you seeded your templates into S3.
>>>
>>> thanks!
>>>
>>>
>>> On Mon, Aug 25, 2014 at 11:16 PM, Mike Tutkowski <
>>> mike.tutkow...@solidfire.com> wrote:
>>>
 Yes, I expect we'll see the same issue with S3, as well.

 Punith - Is this something you might have time to investigate? Perhaps
 Edison can point us in the right direction here.


 On Mon, Aug 25, 2014 at 5:17 AM, Francois Gaudreault <
 fgaudrea...@cloudops.com> wrote:

 > Punith,
 >
 > I highly anticipate the same issue with S3... it shares a lot of code
 with
 > swift.
 >
 > My focus would be swift, but we should fix for both :)
 >
 > FG
 > On Aug 25, 2014 6:33 AM, "Punith S"  wrote:
 >
 > > thanks for opening this thread mike,
 > >
 > > since i only use nfs as my secondary storage provider, i didn't see
 this
 > > issue till date.
 > >
 > > is this issue occurring even using a S3 secondary storage with
 staging
 > nfs
 > > store ?
 > >
 > > if so like edison pointed we need to fetch the virtual size from
 the nfs
 > > store instead of S3 in the deploymentmanager.
 > >
 > > thanks
 > >
 > >
 > > On Sat, Aug 23, 2014 at 3:45 AM, Mike Tutkowski <
 > > mike.tutkow...@solidfire.com> wrote:
 > >
 > > > Hey Edison,
 > > >
 > > > Do you know how difficult/easy of a fix this is, who might be
 available
 > > to
 > > > put this fix in, and for what release (hopefully 4.4.1) this fix
 could
 > > find
 > > > its way in?
 > > >
 > > > Thanks!
 > > > Mike
 > > >
 > > >
 > > > On Fri, Aug 22, 2014 at 3:37 PM, Francois Gaudreault <
 > > > fgaudrea...@cloudops.com> wrote:
 > > >
 > > > > Min,
 > > > >
 > > > > Ok, but this is not the behavior I see. Even without requesting
 a VM
 > > > > create, the template is pushed to the staging NFS at least
 once. Is
 > it
 > > > > downloaded there or pushed after download, that I am not sure.
 I was
 > > > > assuming the swift upload bash script was executed after the
 template
 > > is
 > > > on
 > > > > the staging.
 > > > >
 > > > > Anyway... the focus is on the virt size, and you all know the
 code
 > > better
 > > > > than I do :)
 > > > >
 > > > > FG
 > > > > On Aug 22, 2014 5:28 PM, "Min Chen" 
 wrote:
 > > > >
 > > > >> No. For S3/Swift, register template will directly upload
 templates
 > to
 > > S3
 > > > >> without going through staging NFS. It will only be copied to
 staging
 > > NFS
 > > > >> when we first use that template to provision a VM.
 > > > >>
 > > > >> Thanks
 > > > >> -min
 > > > >>
 > > > >> On 8/22/14 2:25 PM, "Francois Gaudreault" <
 fgaudrea...@cloudops.com
 > >
 > > > >> wrote:
 > > > >>
 > > > >> >Edison,
 > > > >> >
 > > > >> >Isnt the templates downloaded to the Staging NFS first?
 > > > >> >
 > > > >> >FG
 > > > >> >On Aug 22, 2014 5:20 PM, "Edison Su" 
 wrote:
 > > > >> >
 > > > >> >> I know the reason why the size of template doesn¹t have
 correct
 > > > virtual
 > > > >> >> size if it¹s registered in S3/Swift:
 > > > >> >> In case of s3/swift, the template is directly stored into
 > s3/swift
 > > > >> >>through
 > > > >> >> swift/s3 api, there is no place for cloudstack to look into
 > > template,
 > > > >> to
 > > > >> >> find out the virtual size during template registration.
 > > > >> >> While, if secondary storage is NFS, the template is first
 stored
 > on
 > > > >> >> NFS(which has file system), cloudstack can unzip the
 template(if
 > > > it¹s a
 > > > >> >> zipped file), and read virtual size from the file, then
>>>

Re: S3/Swift Problem around Virtual Size

[Francois Gaudreault]

Punith,

We ran into the same problem. The only way we found to get around that, 
is to start from a standard NFS, get the SSVMs up, and then move to Swift.


If you find a way to avoid such manipulation, let me know!

FG

On 2014-08-26, 9:58 AM, Punith S wrote:

hi,

i'm trying to deploy a zone with S3 alongside an empty staging nfs 
store as the secondary storage,


does anyone have idea about how to seed the s3 secondary storage with 
ssvm templates to bring up the secondary storage VM ?


like in nfs we seed nfs sec store by running this script
/usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt\
-m /mnt/secondary\
-uhttp://cloudstack.apt-get.eu/systemvm/4.4/systemvm64template-4.4.0-6-xen.vhd.bz2
  \
-h xenserver\
-s \
-F
should i seed the staging nfs with the above script ?
thanks


On Tue, Aug 26, 2014 at 4:00 PM, Francois Gaudreault 
mailto:fgaudrea...@cloudops.com>> wrote:


I mean we are populating the template just like we would do with
normal NFS using the UI.

ACS takes care of pushing to swift.

FG

On Aug 26, 2014 6:02 AM, "Francois Gaudreault"
mailto:fgaudrea...@cloudops.com>> wrote:

Punith,

We are using Swift. We have a tmpauth proxy.

FG

On Aug 26, 2014 2:48 AM, "Punith S" mailto:punit...@cloudbyte.com>> wrote:

sure mike,

since i don't have a S3 account, i'm getting one today.

francois, can you brief me how you seeded your templates
into S3.

thanks!


On Mon, Aug 25, 2014 at 11:16 PM, Mike Tutkowski
mailto:mike.tutkow...@solidfire.com>> wrote:

Yes, I expect we'll see the same issue with S3, as well.

Punith - Is this something you might have time to
investigate? Perhaps
Edison can point us in the right direction here.


On Mon, Aug 25, 2014 at 5:17 AM, Francois Gaudreault <
fgaudrea...@cloudops.com
> wrote:

> Punith,
>
> I highly anticipate the same issue with S3... it
shares a lot of code with
> swift.
>
> My focus would be swift, but we should fix for both :)
>
> FG
> On Aug 25, 2014 6:33 AM, "Punith S"
mailto:punit...@cloudbyte.com>> wrote:
>
> > thanks for opening this thread mike,
> >
> > since i only use nfs as my secondary storage
provider, i didn't see this
> > issue till date.
> >
> > is this issue occurring even using a S3 secondary
storage with staging
> nfs
> > store ?
> >
> > if so like edison pointed we need to fetch the
virtual size from the nfs
> > store instead of S3 in the deploymentmanager.
> >
> > thanks
> >
> >
> > On Sat, Aug 23, 2014 at 3:45 AM, Mike Tutkowski <
> > mike.tutkow...@solidfire.com
> wrote:
> >
> > > Hey Edison,
> > >
> > > Do you know how difficult/easy of a fix this is,
who might be available
> > to
> > > put this fix in, and for what release (hopefully
4.4.1) this fix could
> > find
> > > its way in?
> > >
> > > Thanks!
> > > Mike
> > >
> > >
> > > On Fri, Aug 22, 2014 at 3:37 PM, Francois
Gaudreault <
> > > fgaudrea...@cloudops.com
> wrote:
> > >
> > > > Min,
> > > >
> > > > Ok, but this is not the behavior I see. Even
without requesting a VM
> > > > create, the template is pushed to the staging
NFS at least once. Is
> it
> > > > downloaded there or pushed after download,
that I am not sure. I was
> > > > assuming the swift upload bash script was
executed after the template
> > is
> > > on
> > > > the staging.
> > > >
> > > > Anyway... the focus is on the virt size, and
you all know the code
> > better
> > > > than I do :)
> > > >
> > > > FG
> > > > On Aug 22, 2014 5:28 PM, "Min Chen"

Jenkins build is still unstable: simulator-singlerun #211

[jenkins]

See 

VMs stuck in expunging

[Francois Gaudreault]

Hi,

We have couple VMs stuck in Expunging state in our setup, and I am not 
sure why. This is a 4.3.1-snapshot. This is what the log says:


2014-08-25 23:30:31,789 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Stopped called on VM[User|ketchup-web] 
but the state is Expunging
2014-08-25 23:30:31,808 WARN  [c.c.u.n.Link] 
(AgentManager-Selector:null) SSL: Fail to find the generated keystore. 
Loading fail-safe one to continue.
2014-08-25 23:30:31,810 DEBUG [c.c.c.CapacityManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) VM state transitted from :Expunging to 
Expunging with event: ExpungeOperationvm's original host id: 1 new host 
id: null host id before state transition: null
2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Destroying vm VM[User|ketchup-web]
2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up NICS
2014-08-25 23:30:31,811 DEBUG [o.a.c.e.o.NetworkOrchestrator] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning network for vm: 61
2014-08-25 23:30:31,814 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up hypervisor data structures 
(ex. SRs in XenServer) for managed storage
2014-08-25 23:30:31,821 DEBUG [o.a.c.e.o.VolumeOrchestrator] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning storage for vm: 61
2014-08-25 23:30:31,825 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Expunged VM[User|ketchup-web]
2014-08-25 23:30:31,825 DEBUG [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Starting cleaning up vm 
VM[User|ketchup-web] resources...
2014-08-25 23:30:31,856 DEBUG [c.c.n.f.FirewallManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) No firewall rules are found for vm id=61
2014-08-25 23:30:31,872 DEBUG [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Firewall rules are removed 
successfully as a part of vm id=61 expunge
2014-08-25 23:30:31,884 DEBUG [c.c.u.d.T.Transaction] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Rolling back the transaction: Time = 5 
Name =  UserVm-Scavenger-1; called by 
-TransactionLegacy.rollback:896-TransactionLegacy.removeUpTo:839-TransactionLegacy.close:663-Transaction.execute:41-Transaction.execute:46-FirewallManagerImpl.revokeRule:732-GeneratedMethodAccessor278.invoke:-1-DelegatingMethodAccessorImpl.invoke:43-Method.invoke:606-AopUtils.invokeJoinpointUsingReflection:317-ReflectiveMethodInvocation.invokeJoinpoint:183-ReflectiveMethodInvocation.proceed:150
2014-08-25 23:30:31,887 WARN  [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Unable to expunge VM[User|ketchup-web]


Any idea what's going on? Bug?

--
Francois Gaudreault
Gestionnaire de Produit | Product Manager - Cloud Platform & Services
t:514-629-6775

CloudOps Votre partenaire infonuagique | Cloud Solutions Experts
420 rue Guy | Montreal | Quebec | H3J 1S6
w: cloudops.com | tw: @CloudOps_

Re: Review Request 25017: Disabling VPC tests on Hyper-v

[John Dilley]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25017/#review51526
---


VPC is supported for Hyper-V in ACS

- John Dilley


On Aug. 26, 2014, 10 a.m., sanjeev n wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25017/
> ---
> 
> (Updated Aug. 26, 2014, 10 a.m.)
> 
> 
> Review request for cloudstack, John Dilley, Santhosh Edukulla, and 
> SrikanteswaraRao Talluri.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> skipping VPC tests on Hyper-v. Made changes to following test scripts to skip 
> VPC tests on Hyper-v :
> /test/integration/smoke/test_network_acl.py 
> b/test/integration/smoke/test_network_acl.py
> /test/integration/smoke/test_privategw_acl.py 
> b/test/integration/smoke/test_privategw_acl.py
> test/integration/smoke/test_vpc_vpn.py 
> b/test/integration/smoke/test_vpc_vpn.py
> 
> 
> Diffs
> -
> 
>   test/integration/smoke/test_network_acl.py 015ebab 
>   test/integration/smoke/test_privategw_acl.py cf0f8e3 
>   test/integration/smoke/test_vpc_vpn.py 9e8f97f 
> 
> Diff: https://reviews.apache.org/r/25017/diff/
> 
> 
> Testing
> ---
> 
> Yes
> 
> 
> Thanks,
> 
> sanjeev n
> 
>

Re: Review Request 24420: vGPU Test Automation ( Check for vGPU resources & VM lifecycle tests)

[John Dilley]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/24420/#review51527
---

Ship it!


Ship It!

- John Dilley


On Aug. 22, 2014, 2:09 p.m., abhinav roy wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/24420/
> ---
> 
> (Updated Aug. 22, 2014, 2:09 p.m.)
> 
> 
> Review request for cloudstack, Doug Clark, John Dilley, sailaja mada, and 
> Sanjay Tripathi.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> This Diff includes vGPU VM lifecycle tests as well as a function to validate 
> the vGPU resources present in a vGPU VM deployed on CS. It has the following 
> tests :
> 
> 1. A function to validate vGPU resources in a VM. It does validation on both 
> the host as well as on CS.
>It includes following lifecycle tests.
>
> 
> 2. Deploy VM
> 3. Stop VM
> 4. Start VM
> 5. Restore VM
> 6. Reboot VM
> 7. Destroy VM
> 8. Recover VM
> 
> 
> NOTE : VM lifecycle test cases were included in this script after the 1st 
> rouund of review with Doug. We decided to include those tests here just to 
> remove the overhead of registering template again. so, now there is no use of 
> this review request https://reviews.apache.org/r/24425/ 
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_deploy_vgpu_vm.py fd3f374 
> 
> Diff: https://reviews.apache.org/r/24420/diff/
> 
> 
> Testing
> ---
> 
> Testing :
> 
> 1. Executed the script on non GPU test setup and ensured tests being skipped. 
> 2. Executed on K2 GPU drivers installed setup and ensured all lifecycle test 
> cases are working fine and the function is checking for the vGPU resources in 
> a vGPU VM.
> 
> 
> Thanks,
> 
> abhinav roy
> 
>

Re: S3/Swift Problem around Virtual Size

[Punith S]

hi francois,

since i'm not having a swift setup, i'm using the s3 bucket.

and as you recommended i got the SSVM up with seeded nfs storage,

post that i removed the nfs secondary storage and added the S3 with staging
nfs store as the new sec storage, since you cannot have any nfs secondary
storage while using the S3.

on registering the a new template, i'm getting template status as* Unable
to execute HTTP request: No route to host*

in managementserver.log

2014-08-26 20:41:07,502 DEBUG [o.a.c.s.RemoteHostEndPoint]
(Timer-24:ctx-b68380cd) Sending command
org.apache.cloudstack.storage.command.DownloadProgressCommand to host: 10
2014-08-26 20:41:07,507 DEBUG [c.c.a.t.Request] (Timer-24:ctx-b68380cd) Seq
10-5684105679694996125: Sending  { Cmd , MgmtId: 52242179434, via:
10(s-142-VM), Ver: v1, Flags: 100011,
[{"org.apache.cloudstack.storage.command.DownloadProgressCommand":{"jobId":"d43a17c9-3b03-4ff9-8906-e1d155981e86","request":"GET_STATUS","hvm":true,"description":"centext","maxDownloadSizeInBytes":53687091200,"id":209,"resourceType":"TEMPLATE","installPath":"template/tmpl/2/209/209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","_store":{"com.cloud.agent.api.to.S3TO":{"id":14,"uuid":"e4afd7bb-39ea-4128-ab93-f8a09b1d5e03","bucketName":"test-cloudstack","httpsFlag":false,"created":"Aug
26, 2014 8:16:24
PM","enableRRS":false,"maxSingleUploadSizeInBytes":5368709120}},"url":"
http://download.cloud.com/templates/builtin/centos56-x86_64.vhd.bz2","format":"VHD","accountId":2,"name":"209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","wait":0}}]
}
2014-08-26 20:41:07,556 DEBUG [c.c.a.t.Request]
(AgentManager-Handler-10:null) Seq 10-5684105679694996125: Processing:  {
Ans: , MgmtId: 52242179434, via: 10, Ver: v1, Flags: 10,
[{"com.cloud.agent.api.storage.DownloadAnswer":{"jobId":"d43a17c9-3b03-4ff9-8906-e1d155981e86","downloadPct":0,"errorString":"No
route to
host","downloadStatus":"DOWNLOAD_ERROR","installPath":"template/tmpl/2/209/209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","templateSize":0,"templatePhySicalSize":0,"result":true,"details":"No
route to host","wait":0}}] }

but i don't see any logging happening in secondary storage vm's cloud.log

not sure this error is happening due to S3!


thanks!

Jenkins build is still unstable: simulator-singlerun #212

[jenkins]

See 

Re: Review Request 25017: Disabling VPC tests on Hyper-v

[SrikanteswaraRao Talluri]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25017/#review51532
---

Ship it!


Ship It!

- SrikanteswaraRao Talluri


On Aug. 26, 2014, 10 a.m., sanjeev n wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25017/
> ---
> 
> (Updated Aug. 26, 2014, 10 a.m.)
> 
> 
> Review request for cloudstack, John Dilley, Santhosh Edukulla, and 
> SrikanteswaraRao Talluri.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> skipping VPC tests on Hyper-v. Made changes to following test scripts to skip 
> VPC tests on Hyper-v :
> /test/integration/smoke/test_network_acl.py 
> b/test/integration/smoke/test_network_acl.py
> /test/integration/smoke/test_privategw_acl.py 
> b/test/integration/smoke/test_privategw_acl.py
> test/integration/smoke/test_vpc_vpn.py 
> b/test/integration/smoke/test_vpc_vpn.py
> 
> 
> Diffs
> -
> 
>   test/integration/smoke/test_network_acl.py 015ebab 
>   test/integration/smoke/test_privategw_acl.py cf0f8e3 
>   test/integration/smoke/test_vpc_vpn.py 9e8f97f 
> 
> Diff: https://reviews.apache.org/r/25017/diff/
> 
> 
> Testing
> ---
> 
> Yes
> 
> 
> Thanks,
> 
> sanjeev n
> 
>

Re: Review Request 25017: Disabling VPC tests on Hyper-v

[Chip Childers]

> On Aug. 26, 2014, 3:50 p.m., SrikanteswaraRao Talluri wrote:
> > Ship It!

Why are you saying "Ship It!" if John's point is valid?  Shouldn't the tests be 
functional if VPC is supported for Hyper-V?


- Chip


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25017/#review51532
---


On Aug. 26, 2014, 10 a.m., sanjeev n wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25017/
> ---
> 
> (Updated Aug. 26, 2014, 10 a.m.)
> 
> 
> Review request for cloudstack, John Dilley, Santhosh Edukulla, and 
> SrikanteswaraRao Talluri.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> skipping VPC tests on Hyper-v. Made changes to following test scripts to skip 
> VPC tests on Hyper-v :
> /test/integration/smoke/test_network_acl.py 
> b/test/integration/smoke/test_network_acl.py
> /test/integration/smoke/test_privategw_acl.py 
> b/test/integration/smoke/test_privategw_acl.py
> test/integration/smoke/test_vpc_vpn.py 
> b/test/integration/smoke/test_vpc_vpn.py
> 
> 
> Diffs
> -
> 
>   test/integration/smoke/test_network_acl.py 015ebab 
>   test/integration/smoke/test_privategw_acl.py cf0f8e3 
>   test/integration/smoke/test_vpc_vpn.py 9e8f97f 
> 
> Diff: https://reviews.apache.org/r/25017/diff/
> 
> 
> Testing
> ---
> 
> Yes
> 
> 
> Thanks,
> 
> sanjeev n
> 
>

Review Request 25065: pre-add all RewriteRule entries to metadata htaccess file for system vm routers

[Fred Clift]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25065/
---

Review request for cloudstack.


Repository: cloudstack-git


Description
---

pre-add all RewriteRule entries to metadata htaccess file  for system vm 
routers- makes automated router maintanince easier...  The set is static and 
doesn't ever change after the initial provision - it is identical for every 
router... While it is probably good to have code that can dynamically add new 
lines (opt/cloud/bin/vmdata.py currently does this, starting from the stub in 
git now) there is no reason not to have the full static set of rules in the 
initial file.  We (betterservers.com) have some in-house router-fixing scripts 
that would like to re-unpack the tarball and not loose the full .htaccess 
file...


Diffs
-

  systemvm/patches/debian/config/var/www/html/latest/.htaccess 038a4c9 

Diff: https://reviews.apache.org/r/25065/diff/


Testing
---

installed cloudstack, set up networks and provisioned a vm - made sure the 
router got the same .htaccess file that it would normally get after the first 
vm is added to the network


Thanks,

Fred Clift

Re: Getting the system template when using Swift as Secondary Storage

[Francois Gaudreault]

So I looked it more, and apparently my template is being downloaded, 
pushed to Swift, but then nothing happens. The template is never 
switched to Ready in the DB, so SSVMs are never launched.


Any ideas what would cause that?

FG

On 2014-08-25, 10:21 AM, Francois Gaudreault wrote:

Hi,

So far, the only way I found to get SSVM running if using Swift as 
SecStorage is to initially configure the secondary storage as standard 
NFS, get the SSVMs to start, and then switch back to Swift + NFS 
Staging. I have a feeling that this is not the expected behavior. 
Should we be able to start the zone without having to switch from 
standard NFS to Swift once the SSVMs are up?


Thanks!




--
Francois Gaudreault
Gestionnaire de Produit | Product Manager - Cloud Platform & Services
t:514-629-6775

CloudOps Votre partenaire infonuagique | Cloud Solutions Experts
420 rue Guy | Montreal | Quebec | H3J 1S6
w: cloudops.com | tw: @CloudOps_

Re: 4.4 Logging

[ilya musayev]

Michael,

Edit /etc/cloudstack/management/log4j-cloud.xml

Change from INFO to DEBUG, ERROR or TRACE specific components to make 
logging more verbose.


Regards
ilya
On 8/25/14, 2:00 PM, Michael Phillips wrote:

Seems the logging level in 4.4 has been toned down, how do you crank it up to 
verbose levels?   

Re: VMs stuck in expunging

[ilya musayev]

Its apparent that expunge failed, because VM name "ketchup-web" was to 
good to be deleted :)


Try increasing the verbosity level on log4j so we can get a better picture.


On 8/26/14, 7:29 AM, Francois Gaudreault wrote:

Hi,

We have couple VMs stuck in Expunging state in our setup, and I am not 
sure why. This is a 4.3.1-snapshot. This is what the log says:


2014-08-25 23:30:31,789 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Stopped called on 
VM[User|ketchup-web] but the state is Expunging
2014-08-25 23:30:31,808 WARN  [c.c.u.n.Link] 
(AgentManager-Selector:null) SSL: Fail to find the generated keystore. 
Loading fail-safe one to continue.
2014-08-25 23:30:31,810 DEBUG [c.c.c.CapacityManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) VM state transitted from :Expunging 
to Expunging with event: ExpungeOperationvm's original host id: 1 new 
host id: null host id before state transition: null
2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Destroying vm VM[User|ketchup-web]
2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up NICS
2014-08-25 23:30:31,811 DEBUG [o.a.c.e.o.NetworkOrchestrator] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning network for vm: 61
2014-08-25 23:30:31,814 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up hypervisor data 
structures (ex. SRs in XenServer) for managed storage
2014-08-25 23:30:31,821 DEBUG [o.a.c.e.o.VolumeOrchestrator] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning storage for vm: 61
2014-08-25 23:30:31,825 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Expunged VM[User|ketchup-web]
2014-08-25 23:30:31,825 DEBUG [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Starting cleaning up vm 
VM[User|ketchup-web] resources...
2014-08-25 23:30:31,856 DEBUG [c.c.n.f.FirewallManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) No firewall rules are found for vm 
id=61
2014-08-25 23:30:31,872 DEBUG [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Firewall rules are removed 
successfully as a part of vm id=61 expunge
2014-08-25 23:30:31,884 DEBUG [c.c.u.d.T.Transaction] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Rolling back the transaction: Time = 
5 Name =  UserVm-Scavenger-1; called by 
-TransactionLegacy.rollback:896-TransactionLegacy.removeUpTo:839-TransactionLegacy.close:663-Transaction.execute:41-Transaction.execute:46-FirewallManagerImpl.revokeRule:732-GeneratedMethodAccessor278.invoke:-1-DelegatingMethodAccessorImpl.invoke:43-Method.invoke:606-AopUtils.invokeJoinpointUsingReflection:317-ReflectiveMethodInvocation.invokeJoinpoint:183-ReflectiveMethodInvocation.proceed:150
2014-08-25 23:30:31,887 WARN  [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Unable to expunge VM[User|ketchup-web]


Any idea what's going on? Bug?

Re: Review Request 25029: UI: Upgrade jQuery from version 1.6.1 to 1.6.4

[Brian Federle]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25029/#review51576
---

Ship it!


Ship It!

- Brian Federle


On Aug. 25, 2014, 8:42 p.m., Gabor Apati-Nagy wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25029/
> ---
> 
> (Updated Aug. 25, 2014, 8:42 p.m.)
> 
> 
> Review request for cloudstack, Brian Federle and Jessica Wang.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> Replaced jquery.js file.
> 
> 
> Diffs
> -
> 
>   ui/lib/jquery.js 5d5a1d58ee5148d010b2029c419356440e679941 
> 
> Diff: https://reviews.apache.org/r/25029/diff/
> 
> 
> Testing
> ---
> 
> I have done smoke test on the UI.
> 
> 
> Thanks,
> 
> Gabor Apati-Nagy
> 
>

Re: Review Request 25029: UI: Upgrade jQuery from version 1.6.1 to 1.6.4

[David Nalley]

This has implications for LICENSE and NOTICE. Please ensure they get
updated as well.

--David

On Mon, Aug 25, 2014 at 4:42 PM, Gabor Apati-Nagy
 wrote:
>
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25029/
> ---
>
> Review request for cloudstack, Brian Federle and Jessica Wang.
>
>
> Repository: cloudstack-git
>
>
> Description
> ---
>
> Replaced jquery.js file.
>
>
> Diffs
> -
>
>   ui/lib/jquery.js 5d5a1d58ee5148d010b2029c419356440e679941
>
> Diff: https://reviews.apache.org/r/25029/diff/
>
>
> Testing
> ---
>
> I have done smoke test on the UI.
>
>
> Thanks,
>
> Gabor Apati-Nagy
>

RE: Review Request 25029: UI: Upgrade jQuery from version 1.6.1 to 1.6.4

[Brian Federle]

Hi David, I just updated NOTICE. I verified that the content in LICENSE is 
still the same from the prior version.

-Brian

182a0786bdab96b2bc582bce7b8e0fee685d8fd4 HEAD asf/master master
Author: Brian Federle 
Date:   Tue Aug 26 13:13:29 2014 -0700

Update NOTICE to account for updated jQuery version

1 file changed, 2 insertions(+), 2 deletions(-)
 NOTICE | 4 ++--

Modified   NOTICE
diff --git a/NOTICE b/NOTICE
index a74c0dc..b19e4a4 100644
--- a/NOTICE
+++ b/NOTICE
@@ -29,7 +29,7 @@ Copyright 2014 The Apache Software Foundation
 jquery.js
   
 
-jQuery JavaScript Library v1.6.1
+jQuery JavaScript Library v1.6.4
 http://jquery.com/
 
 Copyright 2011, John Resig
@@ -41,7 +41,7 @@ Copyright 2014 The Apache Software Foundation
 Copyright 2011, The Dojo Foundation
 Released under the MIT, BSD, and GPL Licenses.
 
-Date: Thu May 12 15:04:36 2011 -0400
+Date: Mon Sep 12 18:54:48 2011 -0400

-Original Message-
From: David Nalley [mailto:da...@gnsa.us] 
Sent: Tuesday, August 26, 2014 1:05 PM
To: dev@cloudstack.apache.org; Gabor Apati-Nagy
Cc: Jessica Wang; Brian Federle
Subject: Re: Review Request 25029: UI: Upgrade jQuery from version 1.6.1 to 
1.6.4

This has implications for LICENSE and NOTICE. Please ensure they get updated as 
well.

--David

On Mon, Aug 25, 2014 at 4:42 PM, Gabor Apati-Nagy  
wrote:
>
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25029/
> ---
>
> Review request for cloudstack, Brian Federle and Jessica Wang.
>
>
> Repository: cloudstack-git
>
>
> Description
> ---
>
> Replaced jquery.js file.
>
>
> Diffs
> -
>
>   ui/lib/jquery.js 5d5a1d58ee5148d010b2029c419356440e679941
>
> Diff: https://reviews.apache.org/r/25029/diff/
>
>
> Testing
> ---
>
> I have done smoke test on the UI.
>
>
> Thanks,
>
> Gabor Apati-Nagy
>

Re: Review Request 25065: pre-add all RewriteRule entries to metadata htaccess file for system vm routers

[Fred Clift]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25065/#review51585
---


https://reviews.apache.org/r/25023/and cloudstack bug 7405 
https://issues.apache.org/jira/browse/CLOUDSTACK-7405  have updated this format

I should probably submit a new patch with the new regexs

- Fred Clift


On Aug. 26, 2014, 5:07 p.m., Fred Clift wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25065/
> ---
> 
> (Updated Aug. 26, 2014, 5:07 p.m.)
> 
> 
> Review request for cloudstack.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> pre-add all RewriteRule entries to metadata htaccess file  for system vm 
> routers- makes automated router maintanince easier...  The set is static and 
> doesn't ever change after the initial provision - it is identical for every 
> router... While it is probably good to have code that can dynamically add new 
> lines (opt/cloud/bin/vmdata.py currently does this, starting from the stub in 
> git now) there is no reason not to have the full static set of rules in the 
> initial file.  We (betterservers.com) have some in-house router-fixing 
> scripts that would like to re-unpack the tarball and not loose the full 
> .htaccess file...
> 
> 
> Diffs
> -
> 
>   systemvm/patches/debian/config/var/www/html/latest/.htaccess 038a4c9 
> 
> Diff: https://reviews.apache.org/r/25065/diff/
> 
> 
> Testing
> ---
> 
> installed cloudstack, set up networks and provisioned a vm - made sure the 
> router got the same .htaccess file that it would normally get after the first 
> vm is added to the network
> 
> 
> Thanks,
> 
> Fred Clift
> 
>

[DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Erik Weber]

If I understand correctly, we currently deploy a web server on port 8080 on
the VR and send a specially crafted request to retrieve the password.

This requires special made scripts or software on the guest vms to execute
the password reset.

At the same time cloud-init has become the de facto standard of pushing
configuration to guest vms.

cloud-init does support password resets out of the box, through the usage
of user-data.

There are a couple of issues with this that I can think of, and there are
probably more that I currently cannot think of, but hopefully someone else
might :-)
 - we cannot change/update user-data (yet) in acs (i think?)
 - if the vm has an existing user-data, we have to modify it. how to handle
custom scripts as user-data?
 - should we clean up the user-data after some time? how to pick up that
the cloud-init has run?

If you want to test how this works you can deploy a machine with cloud-init
installed.
I used this[1] from Lucian as source for its configuration.

After that, you have to manually log on to the VR, go to
/var/www/html/userdata// and modify the user-data file. Example
content is here[2].

Then on your test machine, issue: rm -rf /var/lib/cloud/ && cloud-init init
&& cloud-init modules --mode config && cloud-init modules --mode final

If you chose to use the random password generator it will display on the
screen.

This is most likely beyond my programming skills, so I cannot say what
amount of effort it would take to accomplish.


[1] http://dl.openvm.eu/cloudstack/centos/ks/vanilla/7/post_cloudstack.ks
[2] https://gist.github.com/terbolous/e0ab09afaa6be2a5f3bb

-- 
Erik

Jenkins build is still unstable: simulator-singlerun #213

[jenkins]

See 

Re: Review Request 25023: CLOUDSTACK-7405: Allow VR metadata to be accessed without trailing slash

[Fred Clift]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25023/#review51588
---


./systemvm/patches/debian/config/var/www/html/latest/.htaccess


That file has a stub-version of the file, and is pre-seeded with one rewrite 
rule...

looks like this:

Options +FollowSymLinks
RewriteEngine On
#RewriteBase /

RewriteRule ^user-data$  ../userdata/%{REMOTE_ADDR}/user-data [L,NC,QSA]


That rule also probably needs to be updated.

You might also want to look at 

https://reviews.apache.org/r/25065/


and perhaps we could combine our patches...

- Fred Clift


On Aug. 25, 2014, 7:55 p.m., Erik Weber wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25023/
> ---
> 
> (Updated Aug. 25, 2014, 7:55 p.m.)
> 
> 
> Review request for cloudstack, Marcus Sorensen, Sebastien Goasguen, and Wido 
> den Hollander.
> 
> 
> Bugs: CLOUDSTACK-7405
> https://issues.apache.org/jira/browse/CLOUDSTACK-7405
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> As per https://issues.apache.org/jira/browse/CLOUDSTACK-7405 cloud-init 
> expects to be able to get meta-data directory without using a trailing slash.
> 
> Ultimately this should be fixed in cloud-init, but it's an unintrusive fix in 
> cloudstack
> 
> 
> Diffs
> -
> 
>   systemvm/patches/debian/config/opt/cloud/bin/vmdata.py f508032 
> 
> Diff: https://reviews.apache.org/r/25023/diff/
> 
> 
> Testing
> ---
> 
> tested with curl that both new and old url works
> 
> [root@jenkins ~]# curl -I -s 10.30.81.1/latest/meta-data/vm-id | grep HTTP
> HTTP/1.1 200 OK
> [root@jenkins ~]# curl -I -s 10.30.81.1/latest/meta-data | grep HTTP
> HTTP/1.1 200 OK
> 
> 
> Thanks,
> 
> Erik Weber
> 
>

Re: Review Request 25023: CLOUDSTACK-7405: Allow VR metadata to be accessed without trailing slash

[Erik Weber]

> On Aug. 26, 2014, 8:39 p.m., Fred Clift wrote:
> > ./systemvm/patches/debian/config/var/www/html/latest/.htaccess
> > 
> > 
> > That file has a stub-version of the file, and is pre-seeded with one 
> > rewrite rule...
> > 
> > looks like this:
> > 
> > Options +FollowSymLinks
> > RewriteEngine On
> > #RewriteBase /
> > 
> > RewriteRule ^user-data$  ../userdata/%{REMOTE_ADDR}/user-data [L,NC,QSA]
> > 
> > 
> > That rule also probably needs to be updated.
> > 
> > You might also want to look at 
> > 
> > https://reviews.apache.org/r/25065/
> > 
> > 
> > and perhaps we could combine our patches...

I tested by deleting the .htaccess and restarting the VR.
This is the total content of .htaccess:
Options +FollowSymLinks
RewriteEngine On

RewriteRule ^user-data/?$  ../userdata/%{REMOTE_ADDR}/user-data [L,NC,QSA]
RewriteRule ^service-offering/?$  ../metadata/%{REMOTE_ADDR}/service-offering 
[L,NC,QSA]
RewriteRule ^meta-data/(.+[^/])/?$  ../metadata/%{REMOTE_ADDR}/$1 [L,NC,QSA]
RewriteRule ^meta-data/?$  ../metadata/%{REMOTE_ADDR}/meta-data [L,NC,QSA]
RewriteRule ^availability-zone/?$  ../metadata/%{REMOTE_ADDR}/availability-zone 
[L,NC,QSA]
RewriteRule ^local-ipv4/?$  ../metadata/%{REMOTE_ADDR}/local-ipv4 [L,NC,QSA]
RewriteRule ^local-hostname/?$  ../metadata/%{REMOTE_ADDR}/local-hostname 
[L,NC,QSA]
RewriteRule ^public-ipv4/?$  ../metadata/%{REMOTE_ADDR}/public-ipv4 [L,NC,QSA]
RewriteRule ^public-hostname/?$  ../metadata/%{REMOTE_ADDR}/public-hostname 
[L,NC,QSA]
RewriteRule ^instance-id/?$  ../metadata/%{REMOTE_ADDR}/instance-id [L,NC,QSA]
RewriteRule ^vm-id/?$  ../metadata/%{REMOTE_ADDR}/vm-id [L,NC,QSA]
RewriteRule ^public-keys/?$  ../metadata/%{REMOTE_ADDR}/public-keys [L,NC,QSA]
RewriteRule ^cloud-identifier/?$  ../metadata/%{REMOTE_ADDR}/cloud-identifier 
[L,NC,QSA]

I don't mind combining the patches. If you want to provide it and receive 
credit I believe this patch has been commited to the 4.3 branch. You can 
probably provide a patch based on that :-)


- Erik


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25023/#review51588
---


On Aug. 25, 2014, 7:55 p.m., Erik Weber wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/25023/
> ---
> 
> (Updated Aug. 25, 2014, 7:55 p.m.)
> 
> 
> Review request for cloudstack, Marcus Sorensen, Sebastien Goasguen, and Wido 
> den Hollander.
> 
> 
> Bugs: CLOUDSTACK-7405
> https://issues.apache.org/jira/browse/CLOUDSTACK-7405
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> As per https://issues.apache.org/jira/browse/CLOUDSTACK-7405 cloud-init 
> expects to be able to get meta-data directory without using a trailing slash.
> 
> Ultimately this should be fixed in cloud-init, but it's an unintrusive fix in 
> cloudstack
> 
> 
> Diffs
> -
> 
>   systemvm/patches/debian/config/opt/cloud/bin/vmdata.py f508032 
> 
> Diff: https://reviews.apache.org/r/25023/diff/
> 
> 
> Testing
> ---
> 
> tested with curl that both new and old url works
> 
> [root@jenkins ~]# curl -I -s 10.30.81.1/latest/meta-data/vm-id | grep HTTP
> HTTP/1.1 200 OK
> [root@jenkins ~]# curl -I -s 10.30.81.1/latest/meta-data | grep HTTP
> HTTP/1.1 200 OK
> 
> 
> Thanks,
> 
> Erik Weber
> 
>

Jenkins build is still unstable: simulator-singlerun #214

[jenkins]

See 

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Nux!]

Hi Erik and thanks for your effort. Using user data is a nice idea.
Let's see what more experienced programmers have to say on this.

One thing that I noticed; though it might have been OK in your particular case, 
"rm -rf /var/lib/cloud/" is a bad idea as it can include various useful scripts 
along that path. As you noticed I copy the cloudstack-set-password script in 
/var/lib/cloud/scripts/per-boot, so that's one example. :-)

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro


- Original Message -
> From: "Erik Weber" 
> To: "dev" 
> Sent: Tuesday, 26 August, 2014 9:34:44 PM
> Subject: [DISCUSS] Changing the way password reset works, or allowing the 
> cloud-init way
> 
> If I understand correctly, we currently deploy a web server on port 8080 on
> the VR and send a specially crafted request to retrieve the password.
> 
> This requires special made scripts or software on the guest vms to execute
> the password reset.
> 
> At the same time cloud-init has become the de facto standard of pushing
> configuration to guest vms.
> 
> cloud-init does support password resets out of the box, through the usage
> of user-data.
> 
> There are a couple of issues with this that I can think of, and there are
> probably more that I currently cannot think of, but hopefully someone else
> might :-)
>  - we cannot change/update user-data (yet) in acs (i think?)
>  - if the vm has an existing user-data, we have to modify it. how to handle
> custom scripts as user-data?
>  - should we clean up the user-data after some time? how to pick up that
> the cloud-init has run?
> 
> If you want to test how this works you can deploy a machine with cloud-init
> installed.
> I used this[1] from Lucian as source for its configuration.
> 
> After that, you have to manually log on to the VR, go to
> /var/www/html/userdata// and modify the user-data file. Example
> content is here[2].
> 
> Then on your test machine, issue: rm -rf /var/lib/cloud/ && cloud-init init
> && cloud-init modules --mode config && cloud-init modules --mode final
> 
> If you chose to use the random password generator it will display on the
> screen.
> 
> This is most likely beyond my programming skills, so I cannot say what
> amount of effort it would take to accomplish.
> 
> 
> [1] http://dl.openvm.eu/cloudstack/centos/ks/vanilla/7/post_cloudstack.ks
> [2] https://gist.github.com/terbolous/e0ab09afaa6be2a5f3bb
> 
> --
> Erik
> 

Re: Ice bucket challenge

[Nux!]

Meh, I thought he only has Earl Grey, hot! :-)

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Steve Roles" 
> To: "Giles Sirett" , dev@cloudstack.apache.org
> Cc: "Geoff Higginbottom" , "Chip Childers" 
> , "Sebastien
> Goasguen" 
> Sent: Tuesday, 26 August, 2014 12:25:55 PM
> Subject: RE: Ice bucket challenge
> 
> I'll be following one of my heroes approach to this...
> 
> https://www.youtube.com/watch?v=Ju5VxyM3S4o
> 
> Regards,
> 
> Steve Roles

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Erik Weber]

On Tue, Aug 26, 2014 at 11:44 PM, Nux!  wrote:

> Hi Erik and thanks for your effort. Using user data is a nice idea.
> Let's see what more experienced programmers have to say on this.
>
>
Sure thing

One thing that I noticed; though it might have been OK in your particular
> case, "rm -rf /var/lib/cloud/" is a bad idea as it can include various
> useful scripts along that path. As you noticed I copy the
> cloudstack-set-password script in /var/lib/cloud/scripts/per-boot, so
> that's one example. :-)
>


Guess I should note that this was on a test vm, to force refreshing the
user-data. It can probably be done with in a less harmful way.

DO NOT DO THIS ON ANYTHING IN PRODUCTION :-)

-- 
Erik

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Marcus]

I'm wondering how you keep the root password secure. Right now, it works
similarly to userdata and metadata, in that the instance queries its router
as it boots, but then the password is wiped once queried. If this didn't
happen, non-root users could query for the root password all day. Do you
suggest this be special userdata that is handled like this after first
access? Or is there another way this is normally handled?

Is the push for cloud-init just that it is easier to install than
cloud-set-guest-password?



On Tue, Aug 26, 2014 at 4:00 PM, Erik Weber  wrote:

> On Tue, Aug 26, 2014 at 11:44 PM, Nux!  wrote:
>
> > Hi Erik and thanks for your effort. Using user data is a nice idea.
> > Let's see what more experienced programmers have to say on this.
> >
> >
> Sure thing
>
> One thing that I noticed; though it might have been OK in your particular
> > case, "rm -rf /var/lib/cloud/" is a bad idea as it can include various
> > useful scripts along that path. As you noticed I copy the
> > cloudstack-set-password script in /var/lib/cloud/scripts/per-boot, so
> > that's one example. :-)
> >
>
>
> Guess I should note that this was on a test vm, to force refreshing the
> user-data. It can probably be done with in a less harmful way.
>
> DO NOT DO THIS ON ANYTHING IN PRODUCTION :-)
>
> --
> Erik
>

Re: Review Request 25029: UI: Upgrade jQuery from version 1.6.1 to 1.6.4

[David Nalley]

Thanks Brian!

--David

On Tue, Aug 26, 2014 at 4:15 PM, Brian Federle  wrote:
> Hi David, I just updated NOTICE. I verified that the content in LICENSE is 
> still the same from the prior version.
>
> -Brian
>
> 182a0786bdab96b2bc582bce7b8e0fee685d8fd4 HEAD asf/master master
> Author: Brian Federle 
> Date:   Tue Aug 26 13:13:29 2014 -0700
>
> Update NOTICE to account for updated jQuery version
>
> 1 file changed, 2 insertions(+), 2 deletions(-)
>  NOTICE | 4 ++--
>
> Modified   NOTICE
> diff --git a/NOTICE b/NOTICE
> index a74c0dc..b19e4a4 100644
> --- a/NOTICE
> +++ b/NOTICE
> @@ -29,7 +29,7 @@ Copyright 2014 The Apache Software Foundation
>  jquery.js
>
>
> -jQuery JavaScript Library v1.6.1
> +jQuery JavaScript Library v1.6.4
>  http://jquery.com/
>
>  Copyright 2011, John Resig
> @@ -41,7 +41,7 @@ Copyright 2014 The Apache Software Foundation
>  Copyright 2011, The Dojo Foundation
>  Released under the MIT, BSD, and GPL Licenses.
>
> -Date: Thu May 12 15:04:36 2011 -0400
> +Date: Mon Sep 12 18:54:48 2011 -0400
>
> -Original Message-
> From: David Nalley [mailto:da...@gnsa.us]
> Sent: Tuesday, August 26, 2014 1:05 PM
> To: dev@cloudstack.apache.org; Gabor Apati-Nagy
> Cc: Jessica Wang; Brian Federle
> Subject: Re: Review Request 25029: UI: Upgrade jQuery from version 1.6.1 to 
> 1.6.4
>
> This has implications for LICENSE and NOTICE. Please ensure they get updated 
> as well.
>
> --David
>
> On Mon, Aug 25, 2014 at 4:42 PM, Gabor Apati-Nagy 
>  wrote:
>>
>> ---
>> This is an automatically generated e-mail. To reply, visit:
>> https://reviews.apache.org/r/25029/
>> ---
>>
>> Review request for cloudstack, Brian Federle and Jessica Wang.
>>
>>
>> Repository: cloudstack-git
>>
>>
>> Description
>> ---
>>
>> Replaced jquery.js file.
>>
>>
>> Diffs
>> -
>>
>>   ui/lib/jquery.js 5d5a1d58ee5148d010b2029c419356440e679941
>>
>> Diff: https://reviews.apache.org/r/25029/diff/
>>
>>
>> Testing
>> ---
>>
>> I have done smoke test on the UI.
>>
>>
>> Thanks,
>>
>> Gabor Apati-Nagy
>>

Jenkins build is still unstable: simulator-singlerun #215

[jenkins]

See 

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Carlos Reategui]

On Tue, Aug 26, 2014 at 3:04 PM, Marcus  wrote:

> I'm wondering how you keep the root password secure. Right now, it works
> similarly to userdata and metadata, in that the instance queries its router
> as it boots, but then the password is wiped once queried. If this didn't
> happen, non-root users could query for the root password all day. Do you
> suggest this be special userdata that is handled like this after first
> access? Or is there another way this is normally handled?
>

For that reason I prefer to set the meta-data/public-keys and not allow
password authentication.  Cloud-init supports this.  It would be nice if
the UI had a means to manage keys and an option to set the public-key for
an instance.


>
> Is the push for cloud-init just that it is easier to install than
> cloud-set-guest-password?
>
>
>
> On Tue, Aug 26, 2014 at 4:00 PM, Erik Weber  wrote:
>
> > On Tue, Aug 26, 2014 at 11:44 PM, Nux!  wrote:
> >
> > > Hi Erik and thanks for your effort. Using user data is a nice idea.
> > > Let's see what more experienced programmers have to say on this.
> > >
> > >
> > Sure thing
> >
> > One thing that I noticed; though it might have been OK in your particular
> > > case, "rm -rf /var/lib/cloud/" is a bad idea as it can include various
> > > useful scripts along that path. As you noticed I copy the
> > > cloudstack-set-password script in /var/lib/cloud/scripts/per-boot, so
> > > that's one example. :-)
> > >
> >
> >
> > Guess I should note that this was on a test vm, to force refreshing the
> > user-data. It can probably be done with in a less harmful way.
> >
> > DO NOT DO THIS ON ANYTHING IN PRODUCTION :-)
> >
> > --
> > Erik
> >
>

Re: Ice bucket challenge

[Carlos Reategui]

and while having fun with it don't forget to help out here
http://www.alsa.org/donate/


On Tue, Aug 26, 2014 at 2:47 PM, Nux!  wrote:

> Meh, I thought he only has Earl Grey, hot! :-)
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> - Original Message -
> > From: "Steve Roles" 
> > To: "Giles Sirett" ,
> dev@cloudstack.apache.org
> > Cc: "Geoff Higginbottom" , "Chip
> Childers" , "Sebastien
> > Goasguen" 
> > Sent: Tuesday, 26 August, 2014 12:25:55 PM
> > Subject: RE: Ice bucket challenge
> >
> > I'll be following one of my heroes approach to this...
> >
> > https://www.youtube.com/watch?v=Ju5VxyM3S4o
> >
> > Regards,
> >
> > Steve Roles
>

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Marcus]

Yeah, that would be low hanging fruit as far as features go, since the API
is already in place to set VM public keys.


On Tue, Aug 26, 2014 at 4:33 PM, Carlos Reategui 
wrote:

> On Tue, Aug 26, 2014 at 3:04 PM, Marcus  wrote:
>
> > I'm wondering how you keep the root password secure. Right now, it works
> > similarly to userdata and metadata, in that the instance queries its
> router
> > as it boots, but then the password is wiped once queried. If this didn't
> > happen, non-root users could query for the root password all day. Do you
> > suggest this be special userdata that is handled like this after first
> > access? Or is there another way this is normally handled?
> >
>
> For that reason I prefer to set the meta-data/public-keys and not allow
> password authentication.  Cloud-init supports this.  It would be nice if
> the UI had a means to manage keys and an option to set the public-key for
> an instance.
>
>
> >
> > Is the push for cloud-init just that it is easier to install than
> > cloud-set-guest-password?
> >
> >
> >
> > On Tue, Aug 26, 2014 at 4:00 PM, Erik Weber  wrote:
> >
> > > On Tue, Aug 26, 2014 at 11:44 PM, Nux!  wrote:
> > >
> > > > Hi Erik and thanks for your effort. Using user data is a nice idea.
> > > > Let's see what more experienced programmers have to say on this.
> > > >
> > > >
> > > Sure thing
> > >
> > > One thing that I noticed; though it might have been OK in your
> particular
> > > > case, "rm -rf /var/lib/cloud/" is a bad idea as it can include
> various
> > > > useful scripts along that path. As you noticed I copy the
> > > > cloudstack-set-password script in /var/lib/cloud/scripts/per-boot, so
> > > > that's one example. :-)
> > > >
> > >
> > >
> > > Guess I should note that this was on a test vm, to force refreshing the
> > > user-data. It can probably be done with in a less harmful way.
> > >
> > > DO NOT DO THIS ON ANYTHING IN PRODUCTION :-)
> > >
> > > --
> > > Erik
> > >
> >
>

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[John Kinsella]

On Aug 26, 2014, at 1:34 PM, Erik Weber  wrote:
> If I understand correctly, we currently deploy a web server on port 8080 on

Slight correction: A processes on the VR listens on port 8080, and hands any 
connections to a UNIX script. Calling it a "web server" is way too kind.

Also, you’re just looking at the unix use-case. The Windows agent is close 
sourced the last I checked.

Cloud-init doesn’t feel like the best solution, as the one good thing the 
current setup does is remove the password from the VR after it’s fetched. 

Thought there was a bug filed on this, but I don’t see it?

Re: VMs stuck in expunging

[Francois Gaudreault]

Oh man, we have four in this state, and you don't want to see the other 
names lol


I'll pump the log to trace and see what's going on.

Thanks!

FG

On 2014-08-26, 2:41 PM, ilya musayev wrote:
Its apparent that expunge failed, because VM name "ketchup-web" was to 
good to be deleted :)


Try increasing the verbosity level on log4j so we can get a better 
picture.



On 8/26/14, 7:29 AM, Francois Gaudreault wrote:

Hi,

We have couple VMs stuck in Expunging state in our setup, and I am 
not sure why. This is a 4.3.1-snapshot. This is what the log says:


2014-08-25 23:30:31,789 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Stopped called on 
VM[User|ketchup-web] but the state is Expunging
2014-08-25 23:30:31,808 WARN  [c.c.u.n.Link] 
(AgentManager-Selector:null) SSL: Fail to find the generated 
keystore. Loading fail-safe one to continue.
2014-08-25 23:30:31,810 DEBUG [c.c.c.CapacityManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) VM state transitted from :Expunging 
to Expunging with event: ExpungeOperationvm's original host id: 1 new 
host id: null host id before state transition: null
2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Destroying vm VM[User|ketchup-web]
2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up NICS
2014-08-25 23:30:31,811 DEBUG [o.a.c.e.o.NetworkOrchestrator] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning network for vm: 61
2014-08-25 23:30:31,814 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up hypervisor data 
structures (ex. SRs in XenServer) for managed storage
2014-08-25 23:30:31,821 DEBUG [o.a.c.e.o.VolumeOrchestrator] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning storage for vm: 61
2014-08-25 23:30:31,825 DEBUG [c.c.v.VirtualMachineManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Expunged VM[User|ketchup-web]
2014-08-25 23:30:31,825 DEBUG [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Starting cleaning up vm 
VM[User|ketchup-web] resources...
2014-08-25 23:30:31,856 DEBUG [c.c.n.f.FirewallManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) No firewall rules are found for vm 
id=61
2014-08-25 23:30:31,872 DEBUG [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Firewall rules are removed 
successfully as a part of vm id=61 expunge
2014-08-25 23:30:31,884 DEBUG [c.c.u.d.T.Transaction] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Rolling back the transaction: Time 
= 5 Name =  UserVm-Scavenger-1; called by 
-TransactionLegacy.rollback:896-TransactionLegacy.removeUpTo:839-TransactionLegacy.close:663-Transaction.execute:41-Transaction.execute:46-FirewallManagerImpl.revokeRule:732-GeneratedMethodAccessor278.invoke:-1-DelegatingMethodAccessorImpl.invoke:43-Method.invoke:606-AopUtils.invokeJoinpointUsingReflection:317-ReflectiveMethodInvocation.invokeJoinpoint:183-ReflectiveMethodInvocation.proceed:150
2014-08-25 23:30:31,887 WARN  [c.c.v.UserVmManagerImpl] 
(UserVm-Scavenger-1:ctx-bfdf6aa3) Unable to expunge VM[User|ketchup-web]


Any idea what's going on? Bug?








--
Francois Gaudreault
Gestionnaire de Produit | Product Manager - Cloud Platform & Services
t:514-629-6775

CloudOps Votre partenaire infonuagique | Cloud Solutions Experts
420 rue Guy | Montreal | Quebec | H3J 1S6
w: cloudops.com | tw: @CloudOps_

Jenkins build is still unstable: simulator-singlerun #216

[jenkins]

See 

RE: VMs stuck in expunging

[Michael Phillips]

Not sure if it's related but I do see the "SSL Fail to find the generated 
keystore" error which means your cloud.keystore file is not in the 
/etc/cloudstack/management folder..

> Date: Tue, 26 Aug 2014 19:18:51 -0400
> From: fgaudrea...@cloudops.com
> To: dev@cloudstack.apache.org
> Subject: Re: VMs stuck in expunging
> 
> Oh man, we have four in this state, and you don't want to see the other 
> names lol
> 
> I'll pump the log to trace and see what's going on.
> 
> Thanks!
> 
> FG
> 
> On 2014-08-26, 2:41 PM, ilya musayev wrote:
> > Its apparent that expunge failed, because VM name "ketchup-web" was to 
> > good to be deleted :)
> >
> > Try increasing the verbosity level on log4j so we can get a better 
> > picture.
> >
> >
> > On 8/26/14, 7:29 AM, Francois Gaudreault wrote:
> >> Hi,
> >>
> >> We have couple VMs stuck in Expunging state in our setup, and I am 
> >> not sure why. This is a 4.3.1-snapshot. This is what the log says:
> >>
> >> 2014-08-25 23:30:31,789 DEBUG [c.c.v.VirtualMachineManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Stopped called on 
> >> VM[User|ketchup-web] but the state is Expunging
> >> 2014-08-25 23:30:31,808 WARN  [c.c.u.n.Link] 
> >> (AgentManager-Selector:null) SSL: Fail to find the generated 
> >> keystore. Loading fail-safe one to continue.
> >> 2014-08-25 23:30:31,810 DEBUG [c.c.c.CapacityManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) VM state transitted from :Expunging 
> >> to Expunging with event: ExpungeOperationvm's original host id: 1 new 
> >> host id: null host id before state transition: null
> >> 2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Destroying vm VM[User|ketchup-web]
> >> 2014-08-25 23:30:31,811 DEBUG [c.c.v.VirtualMachineManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up NICS
> >> 2014-08-25 23:30:31,811 DEBUG [o.a.c.e.o.NetworkOrchestrator] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning network for vm: 61
> >> 2014-08-25 23:30:31,814 DEBUG [c.c.v.VirtualMachineManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning up hypervisor data 
> >> structures (ex. SRs in XenServer) for managed storage
> >> 2014-08-25 23:30:31,821 DEBUG [o.a.c.e.o.VolumeOrchestrator] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Cleaning storage for vm: 61
> >> 2014-08-25 23:30:31,825 DEBUG [c.c.v.VirtualMachineManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Expunged VM[User|ketchup-web]
> >> 2014-08-25 23:30:31,825 DEBUG [c.c.v.UserVmManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Starting cleaning up vm 
> >> VM[User|ketchup-web] resources...
> >> 2014-08-25 23:30:31,856 DEBUG [c.c.n.f.FirewallManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) No firewall rules are found for vm 
> >> id=61
> >> 2014-08-25 23:30:31,872 DEBUG [c.c.v.UserVmManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Firewall rules are removed 
> >> successfully as a part of vm id=61 expunge
> >> 2014-08-25 23:30:31,884 DEBUG [c.c.u.d.T.Transaction] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Rolling back the transaction: Time 
> >> = 5 Name =  UserVm-Scavenger-1; called by 
> >> -TransactionLegacy.rollback:896-TransactionLegacy.removeUpTo:839-TransactionLegacy.close:663-Transaction.execute:41-Transaction.execute:46-FirewallManagerImpl.revokeRule:732-GeneratedMethodAccessor278.invoke:-1-DelegatingMethodAccessorImpl.invoke:43-Method.invoke:606-AopUtils.invokeJoinpointUsingReflection:317-ReflectiveMethodInvocation.invokeJoinpoint:183-ReflectiveMethodInvocation.proceed:150
> >> 2014-08-25 23:30:31,887 WARN  [c.c.v.UserVmManagerImpl] 
> >> (UserVm-Scavenger-1:ctx-bfdf6aa3) Unable to expunge VM[User|ketchup-web]
> >>
> >> Any idea what's going on? Bug?
> >>
> >
> >
> >
> 
> 
> -- 
> Francois Gaudreault
> Gestionnaire de Produit | Product Manager - Cloud Platform & Services
> t:514-629-6775
> 
> CloudOps Votre partenaire infonuagique | Cloud Solutions Experts
> 420 rue Guy | Montreal | Quebec | H3J 1S6
> w: cloudops.com | tw: @CloudOps_
> 
  

Re: [MERGE] Merge saml2 branch to master

[Ian Duffy]

Rohit,

Not necessary but if your interested in looking into it I'd imagine there's
an embedded idp maven plugin.

I know for the LDAP stuff we have an embedded Apache DS come up with some
bootstrap data.

Got any documentation? For setup purposes

Other than that +1
Hi Sebastien,

On 26-Aug-2014, at 10:38 am, Sebastien Goasguen  wrote:
> What's the unit test coverage ?

Class, %Method, %Line, %
SAMLUtils100% (1/ 1)80% (8/ 10)75% (66/ 88)
SAML2UserAuthenticator100% (1/ 1)100% (4/ 4)84.6% (11/ 13)
SAML2LoginAPIAuthenticatorCmd100% (1/ 1)45.5% (5/ 11)50.8% (63/ 124)
SAML2LoginAPIAuthenticatorCmdTest100% (1/ 1)100% (4/ 4)98.6% (72/ 73)
SAML2LogoutAPIAuthenticatorCmd100% (1/ 1)62.5% (5/ 8)35.3% (18/ 51)
SAML2LogoutAPIAuthenticatorCmdTest100% (1/ 1)100% (3/ 3)100% (26/ 26)
SAML2AuthManagerImpl0% (0/ 1)0% (0/ 12)0% (0/ 60)

(The last one, auth manager is an adapter which is injected by Spring to an
api auth manager, the start() method of which depends on fetching metadata
from external IdP so may not be unit tested).

Existing contract of ApiServlet and other classes and their external
interfaces have not changed. ApiServlet’s test cases were fixed.

> Can you add some Marvin/integration tests ?

Depends on external entity, IdP, will be difficult to write and I don’t
know how.
The saml plugin’s external operation consists of redirecting user to IdP
for authentication when samlsso or samlslo apis are called. Selenium tests
could be written but we don’t have any such infra or existing tests yet.

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +41 779015219 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Infrastructure Support<
http://shapeblue.com/cloudstack-infrastructure-support/>
CloudStack Bootcamp Training Courses<
http://shapeblue.com/cloudstack-training/>

This email and any attachments to it may be confidential and are intended
solely for the use of the individual to whom it is addressed. Any views or
opinions expressed are solely those of the author and do not necessarily
represent those of Shape Blue Ltd or related companies. If you are not the
intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender
if you believe you have received this email in error. Shape Blue Ltd is a
company incorporated in England & Wales. ShapeBlue Services India LLP is a
company incorporated in India and is operated under license from Shape Blue
Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is
a company registered by The Republic of South Africa and is traded under
license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Re: Should CloudStack support forced password reset?

[Chiradeep Vittal]

The cloud operator can call the updateUser API themselves? Then they can send 
an email to their users telling them their new password. There is no ‘password 
change’ protocol at the moment. It is assumed that user provisioning and user 
lifecycle is best left to a different system.

From: Demetrius Tsitrelis 
mailto:demetrius.tsitre...@citrix.com>>
Reply-To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Date: Thursday, August 21, 2014 at 11:28 AM
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: Should CloudStack support forced password reset?

For legacy reasons the MD5 and plaintext plugins are included in the list of 
authenticators.  If a company has been using CloudStack for awhile they may 
want to move all their users to a stronger plugin such as SHA256SALTED (which 
is now the default).

Is there a mechanism to do that?  It doesn't appear that there is so I propose 
modify the API as follows:


1)  Include a result in the response to the login API which indicates 
whether a user must change his password.

2)  If a user is in this state have him call a new API called 
changeMyPassword.  That API would require his old password and a new password.  
If the calls succeeds then the user can retry the login API with his new 
password.

3)  Add a new parameter named forceUserToChangePassword to the UpdateUser 
API.  An admin would set that parameter value to indicate that a user is 
required to change his password.

Thoughts?

Re: How to re-use CloudStack's keystore?

[Chiradeep Vittal]

I think the keystoreManager provides a generic interface. I’d think that 
certificate re-use is probably not a good idea, might be worth using a 
different cert for different purposes. One compromise will affect only one part 
of the system?

From: Rohit Yadav mailto:rohit.ya...@shapeblue.com>>
Reply-To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Date: Friday, August 22, 2014 at 2:35 PM
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: Re: How to re-use CloudStack's keystore?

Hello!

On 18-Aug-2014, at 11:48 am, Rohit Yadav 
mailto:rohit.ya...@shapeblue.com>> wrote:

Is there any documentation on how one can reuse CloudStack’s default java 
keystore keys (private and public) and any recommendation on security 
consideration? If not, can anyone share something on this, how it is 
created/updated, who uses it currently and how one can (re)use the keys for 
x509 based authentication, encryption and decryption.

Ping?

Anyone has any idea how to re-use as I don’t want to duplicate x509 crypto 
usage within the codebase?

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +41 779015219 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design & Build
CSForge – rapid IaaS deployment framework
CloudStack Consulting
CloudStack Infrastructure 
Support
CloudStack Bootcamp Training Courses

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England & Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

TomCat 404

[mo]

Greetings,

I am having issues with tomcat 404 error, I presently have 
Apache Tomcat/6.0.39

I believe that may be the issue? I am also using KVM / CentoOS 6.5. 

Anyone else have any idea?

- Mo

Re: Developing for Project Support

[Chiradeep Vittal]

IMO, the existing project implementation isn’t a good example (looks like the 
requirements were incomplete).

From: Will Stevens mailto:wstev...@cloudops.com>>
Reply-To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Date: Monday, August 25, 2014 at 11:20 AM
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: Developing for Project Support

Hey All,
I have had a quick look around at some of the different implementations and
I am seeing that projects in CS seem to be handled as 'special' accounts.
The API calls have fields like 'projectid' and such, but those details are
not saved into the DB, the only thing that happens in the DB is a new
project account ID is added to the db for that element (think, networks,
instances, etc...)

If I want to extend the functionality of an existing piece of code which
does not support projects to also support projects, do you know of any
specific examples in the code that are good implementations which I should
be using as a good example to follow for adding project support?

Thanks,

*Will STEVENS*
Lead Developer

*CloudOps* *| *Cloud Solutions Experts
420 rue Guy *|* Montreal *|* Quebec *|* H3J 1S6
w cloudops.com *|* tw @CloudOps_

RE: TomCat 404

[Michael Phillips]

Pretty sure they say 6.0.33 is the recommended version...any devs want to chime 
in on that?

> Date: Tue, 26 Aug 2014 20:42:11 -0400
> From: m...@daoenix.com
> To: dev@cloudstack.apache.org
> Subject: TomCat 404
> 
> Greetings,
> 
> I am having issues with tomcat 404 error, I presently have 
> Apache Tomcat/6.0.39
> 
> I believe that may be the issue? I am also using KVM / CentoOS 6.5. 
> 
> Anyone else have any idea?
> 
> - Mo
  

Re: TomCat 404

[Carlos Reategui]

Also make sure the default tomcat service is set to NOT start.  Cloudstack
should be the one starting it.


On Tue, Aug 26, 2014 at 5:47 PM, Michael Phillips 
wrote:

> Pretty sure they say 6.0.33 is the recommended version...any devs want to
> chime in on that?
>
> > Date: Tue, 26 Aug 2014 20:42:11 -0400
> > From: m...@daoenix.com
> > To: dev@cloudstack.apache.org
> > Subject: TomCat 404
> >
> > Greetings,
> >
> > I am having issues with tomcat 404 error, I presently have
> > Apache Tomcat/6.0.39
> >
> > I believe that may be the issue? I am also using KVM / CentoOS 6.5.
> >
> > Anyone else have any idea?
> >
> > - Mo
>

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Chiradeep Vittal]

The current design is “OK”, not great. Looking for suggestions to make it more 
secure. E.g.,:

  *   HTTPS
  *   Client authentication

Another idea might be to attach a volume to the VM with the password, but hot 
plug detection varies widely from OS/Hypervisor combinations.
HTTP(s) is the lowest common denominator, but it has some trade-offs.

From: John Kinsella mailto:j...@stratosec.co>>
Reply-To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Date: Tuesday, August 26, 2014 at 4:04 PM
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: Re: [DISCUSS] Changing the way password reset works, or allowing the 
cloud-init way


On Aug 26, 2014, at 1:34 PM, Erik Weber 
mailto:terbol...@gmail.com>> wrote:
If I understand correctly, we currently deploy a web server on port 8080 on

Slight correction: A processes on the VR listens on port 8080, and hands any 
connections to a UNIX script. Calling it a "web server" is way too kind.

Also, you’re just looking at the unix use-case. The Windows agent is close 
sourced the last I checked.

Cloud-init doesn’t feel like the best solution, as the one good thing the 
current setup does is remove the password from the VR after it’s fetched.

Thought there was a bug filed on this, but I don’t see it?

Re: TomCat 404

[mo]

How can on be sure the default does not start? I would assume chkconfig?



On August 26, 2014 at 8:50:18 PM, Carlos Reategui (car...@reategui.com) wrote:

Also make sure the default tomcat service is set to NOT start. Cloudstack 
should be the one starting it. 


On Tue, Aug 26, 2014 at 5:47 PM, Michael Phillips  
wrote: 

> Pretty sure they say 6.0.33 is the recommended version...any devs want to 
> chime in on that? 
> 
> > Date: Tue, 26 Aug 2014 20:42:11 -0400 
> > From: m...@daoenix.com 
> > To: dev@cloudstack.apache.org 
> > Subject: TomCat 404 
> > 
> > Greetings, 
> > 
> > I am having issues with tomcat 404 error, I presently have 
> > Apache Tomcat/6.0.39 
> > 
> > I believe that may be the issue? I am also using KVM / CentoOS 6.5. 
> > 
> > Anyone else have any idea? 
> > 
> > - Mo 
> 

Re: TomCat 404

[Chiradeep Vittal]

So says https://cwiki.apache.org/confluence/x/hQLVAQ
I believe folks have had success with Tomcat 7 though (anybody can confirm?)

From: Carlos Reategui mailto:car...@reategui.com>>
Reply-To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Date: Tuesday, August 26, 2014 at 5:49 PM
To: "dev@cloudstack.apache.org" 
mailto:dev@cloudstack.apache.org>>
Subject: Re: TomCat 404

Also make sure the default tomcat service is set to NOT start.  Cloudstack
should be the one starting it.


On Tue, Aug 26, 2014 at 5:47 PM, Michael Phillips 
mailto:mphilli7...@hotmail.com>>
wrote:

Pretty sure they say 6.0.33 is the recommended version...any devs want to
chime in on that?

> Date: Tue, 26 Aug 2014 20:42:11 -0400
> From: m...@daoenix.com
> To: dev@cloudstack.apache.org
> Subject: TomCat 404
>
> Greetings,
>
> I am having issues with tomcat 404 error, I presently have
> Apache Tomcat/6.0.39
>
> I believe that may be the issue? I am also using KVM / CentoOS 6.5.
>
> Anyone else have any idea?
>
> - Mo

Re: TomCat 404

[Carlos Reategui]

to verify if that is the problem:

service tomcat6 stop
service cloudstack-management restart

And try the webpage again.

If it works then:
chkconfig tomcat6 off

Please note that if you update tomcat it is likely the update (i.e.
yum/apt) process will stop and start tomcat and cause the cloudstack page
to not work again.




On Tue, Aug 26, 2014 at 5:53 PM, mo  wrote:

> How can on be sure the default does not start? I would assume chkconfig?
>
>
>
> On August 26, 2014 at 8:50:18 PM, Carlos Reategui (car...@reategui.com)
> wrote:
>
> Also make sure the default tomcat service is set to NOT start. Cloudstack
> should be the one starting it.
>
>
> On Tue, Aug 26, 2014 at 5:47 PM, Michael Phillips  >
> wrote:
>
> > Pretty sure they say 6.0.33 is the recommended version...any devs want to
> > chime in on that?
> >
> > > Date: Tue, 26 Aug 2014 20:42:11 -0400
> > > From: m...@daoenix.com
> > > To: dev@cloudstack.apache.org
> > > Subject: TomCat 404
> > >
> > > Greetings,
> > >
> > > I am having issues with tomcat 404 error, I presently have
> > > Apache Tomcat/6.0.39
> > >
> > > I believe that may be the issue? I am also using KVM / CentoOS 6.5.
> > >
> > > Anyone else have any idea?
> > >
> > > - Mo
> >
>

Re: TomCat 404

[mo]

That did not work, I suspect I should downgrade me version, or upgrade it to 7?

- Mo

On August 26, 2014 at 8:59:53 PM, Carlos Reategui (car...@reategui.com) wrote:

service tomcat6 stop 

Re: TomCat 404

[Carlos Reategui]

Is there an error in your management-server logs?


On Tue, Aug 26, 2014 at 6:01 PM, mo  wrote:

> That did not work, I suspect I should downgrade me version, or upgrade it
> to 7?
>
> - Mo
>
> On August 26, 2014 at 8:59:53 PM, Carlos Reategui (car...@reategui.com)
> wrote:
>
> service tomcat6 stop
>

Re: TomCat 404

[mo]

I suspect having bind-address = your IP address is not the way to go, I was 
getting mysql connection issues. I put it back to localhost and it seemed to go 
on. 

- Mo

On August 26, 2014 at 9:04:52 PM, Carlos Reategui (create...@gmail.com) wrote:

Is there an error in your management-server logs?  


On Tue, Aug 26, 2014 at 6:01 PM, mo  wrote:  

> That did not work, I suspect I should downgrade me version, or upgrade it  
> to 7?  
>  
> - Mo  
>  
> On August 26, 2014 at 8:59:53 PM, Carlos Reategui (car...@reategui.com)  
> wrote:  
>  
> service tomcat6 stop  
>  

Re: Getting the system template when using Swift as Secondary Storage

[Francois Gaudreault]

I opened a bug. If anybody wants to look at it. Ill upload the 
management log snippet on the morning:

https://issues.apache.org/jira/browse/CLOUDSTACK-7443

If the file structure is present, the routing-1 template is not pulled 
back from swift, and the SSVM creation fails. However, if I strip one 
directory level to make it template/1 instead of template/1/1, it's all 
working.


FG

On 2014-08-26, 1:59 PM, Francois Gaudreault wrote:
So I looked it more, and apparently my template is being downloaded, 
pushed to Swift, but then nothing happens. The template is never 
switched to Ready in the DB, so SSVMs are never launched.


Any ideas what would cause that?

FG

On 2014-08-25, 10:21 AM, Francois Gaudreault wrote:

Hi,

So far, the only way I found to get SSVM running if using Swift as 
SecStorage is to initially configure the secondary storage as 
standard NFS, get the SSVMs to start, and then switch back to Swift + 
NFS Staging. I have a feeling that this is not the expected behavior. 
Should we be able to start the zone without having to switch from 
standard NFS to Swift once the SSVMs are up?


Thanks!







--
Francois Gaudreault
Gestionnaire de Produit | Product Manager - Cloud Platform & Services
t:514-629-6775

CloudOps Votre partenaire infonuagique | Cloud Solutions Experts
420 rue Guy | Montreal | Quebec | H3J 1S6
w: cloudops.com | tw: @CloudOps_

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Marcus]

We had set up an agent in the VM that listens on the virtio serial port,
similar to how the virtual router gets its configurations now in KVM. Host
to guest communication is an option, and is fairly standardized (qemu guest
agent, VMware tools, xen tools). It takes a little more work to write a
daemon, but you could do a lot more with it.

  I'm not entirely convinced the current design is broken enough to warrant
a redesign (or at least I wouldn't want to see compatibility go away).
On Aug 26, 2014 6:51 PM, "Chiradeep Vittal" 
wrote:

> The current design is “OK”, not great. Looking for suggestions to make it
> more secure. E.g.,:
>
>   *   HTTPS
>   *   Client authentication
>
> Another idea might be to attach a volume to the VM with the password, but
> hot plug detection varies widely from OS/Hypervisor combinations.
> HTTP(s) is the lowest common denominator, but it has some trade-offs.
>
> From: John Kinsella mailto:j...@stratosec.co>>
> Reply-To: "dev@cloudstack.apache.org" <
> dev@cloudstack.apache.org>
> Date: Tuesday, August 26, 2014 at 4:04 PM
> To: "dev@cloudstack.apache.org" <
> dev@cloudstack.apache.org>
> Subject: Re: [DISCUSS] Changing the way password reset works, or allowing
> the cloud-init way
>
>
> On Aug 26, 2014, at 1:34 PM, Erik Weber  terbol...@gmail.com>> wrote:
> If I understand correctly, we currently deploy a web server on port 8080 on
>
> Slight correction: A processes on the VR listens on port 8080, and hands
> any connections to a UNIX script. Calling it a "web server" is way too kind.
>
> Also, you’re just looking at the unix use-case. The Windows agent is close
> sourced the last I checked.
>
> Cloud-init doesn’t feel like the best solution, as the one good thing the
> current setup does is remove the password from the VR after it’s fetched.
>
> Thought there was a bug filed on this, but I don’t see it?
>
>
>

Re: S3/Swift Problem around Virtual Size

[Francois Gaudreault]

Looks like your SSVM cannot reach Internet properly?

FG

On 2014-08-26, 11:14 AM, Punith S wrote:

hi francois,

since i'm not having a swift setup, i'm using the s3 bucket.

and as you recommended i got the SSVM up with seeded nfs storage,

post that i removed the nfs secondary storage and added the S3 with 
staging nfs store as the new sec storage, since you cannot have any 
nfs secondary storage while using the S3.


on registering the a new template, i'm getting template status 
as*Unable to execute HTTP request: No route to host*

in managementserver.log

2014-08-26 20:41:07,502 DEBUG [o.a.c.s.RemoteHostEndPoint] 
(Timer-24:ctx-b68380cd) Sending command 
org.apache.cloudstack.storage.command.DownloadProgressCommand to host: 10
2014-08-26 20:41:07,507 DEBUG [c.c.a.t.Request] 
(Timer-24:ctx-b68380cd) Seq 10-5684105679694996125: Sending  { Cmd , 
MgmtId: 52242179434, via: 10(s-142-VM), Ver: v1, Flags: 100011, 
[{"org.apache.cloudstack.storage.command.DownloadProgressCommand":{"jobId":"d43a17c9-3b03-4ff9-8906-e1d155981e86","request":"GET_STATUS","hvm":true,"description":"centext","maxDownloadSizeInBytes":53687091200,"id":209,"resourceType":"TEMPLATE","installPath":"template/tmpl/2/209/209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","_store":{"com.cloud.agent.api.to.S3TO":{"id":14,"uuid":"e4afd7bb-39ea-4128-ab93-f8a09b1d5e03","bucketName":"test-cloudstack","httpsFlag":false,"created":"Aug 
26, 2014 8:16:24 
PM","enableRRS":false,"maxSingleUploadSizeInBytes":5368709120}},"url":"http://download.cloud.com/templates/builtin/centos56-x86_64.vhd.bz2","format":"VHD","accountId":2,"name":"209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","wait":0}}] 
}
2014-08-26 20:41:07,556 DEBUG [c.c.a.t.Request] 
(AgentManager-Handler-10:null) Seq 10-5684105679694996125: Processing: 
 { Ans: , MgmtId: 52242179434, via: 10, Ver: v1, Flags: 10, 
[{"com.cloud.agent.api.storage.DownloadAnswer":{"jobId":"d43a17c9-3b03-4ff9-8906-e1d155981e86","downloadPct":0,"errorString":"No 
route to 
host","downloadStatus":"DOWNLOAD_ERROR","installPath":"template/tmpl/2/209/209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","templateSize":0,"templatePhySicalSize":0,"result":true,"details":"No 
route to host","wait":0}}] }


but i don't see any logging happening in secondary storage vm's cloud.log

not sure this error is happening due to S3!


thanks!



--
Francois Gaudreault
Gestionnaire de Produit | Product Manager - Cloud Platform & Services
t:514-629-6775

CloudOps Votre partenaire infonuagique | Cloud Solutions Experts
420 rue Guy | Montreal | Quebec | H3J 1S6
w: cloudops.com | tw: @CloudOps_

Re: S3/Swift Problem around Virtual Size

[Marcus]

Per Edisons comments about not knowing the image size, can't we just set
some headers and store metadata with the template in S3 to save the virtual
size when the template is registered? I'm assuming here that the SSVM does
the work of pulling the template in and uploading to S3. Or it could be
stored in the template table?
On Aug 26, 2014 9:11 PM, "Francois Gaudreault" 
wrote:

> Looks like your SSVM cannot reach Internet properly?
>
> FG
>
> On 2014-08-26, 11:14 AM, Punith S wrote:
>
>> hi francois,
>>
>> since i'm not having a swift setup, i'm using the s3 bucket.
>>
>> and as you recommended i got the SSVM up with seeded nfs storage,
>>
>> post that i removed the nfs secondary storage and added the S3 with
>> staging nfs store as the new sec storage, since you cannot have any nfs
>> secondary storage while using the S3.
>>
>> on registering the a new template, i'm getting template status as*Unable
>> to execute HTTP request: No route to host*
>> in managementserver.log
>>
>> 2014-08-26 20:41:07,502 DEBUG [o.a.c.s.RemoteHostEndPoint]
>> (Timer-24:ctx-b68380cd) Sending command org.apache.cloudstack.storage.
>> command.DownloadProgressCommand to host: 10
>> 2014-08-26 20:41:07,507 DEBUG [c.c.a.t.Request] (Timer-24:ctx-b68380cd)
>> Seq 10-5684105679694996125: Sending  { Cmd , MgmtId: 52242179434, via:
>> 10(s-142-VM), Ver: v1, Flags: 100011, [{"org.apache.cloudstack.
>> storage.command.DownloadProgressCommand":{"jobId":"d43a17c9-3b03-4ff9-
>> 8906-e1d155981e86","request":"GET_STATUS","hvm":true,"
>> description":"centext","maxDownloadSizeInBytes":53687091200,"id":209,"
>> resourceType":"TEMPLATE","installPath":"template/tmpl/2/
>> 209/209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","_store":{"
>> com.cloud.agent.api.to.S3TO":{"id":14,"uuid":"e4afd7bb-39ea-
>> 4128-ab93-f8a09b1d5e03","bucketName":"test-cloudstack",
>> "httpsFlag":false,"created":"Aug 26, 2014 8:16:24 PM","enableRRS":false,"
>> maxSingleUploadSizeInBytes":5368709120}},"url":"http://
>> download.cloud.com/templates/builtin/centos56-x86_64.vhd.bz2
>> ","format":"VHD","accountId":2,"name":"209-2-b624436c-5f37-30d4-8eaf-81582eb0d39d","wait":0}}]
>> }
>> 2014-08-26 20:41:07,556 DEBUG [c.c.a.t.Request]
>> (AgentManager-Handler-10:null) Seq 10-5684105679694996125: Processing:  {
>> Ans: , MgmtId: 52242179434, via: 10, Ver: v1, Flags: 10,
>> [{"com.cloud.agent.api.storage.DownloadAnswer":{"
>> jobId":"d43a17c9-3b03-4ff9-8906-e1d155981e86","
>> downloadPct":0,"errorString":"No route to host","downloadStatus":"
>> DOWNLOAD_ERROR","installPath":"template/tmpl/2/209/209-2-
>> b624436c-5f37-30d4-8eaf-81582eb0d39d","templateSize":
>> 0,"templatePhySicalSize":0,"result":true,"details":"No route to
>> host","wait":0}}] }
>>
>> but i don't see any logging happening in secondary storage vm's cloud.log
>>
>> not sure this error is happening due to S3!
>>
>>
>> thanks!
>>
>
>
> --
> Francois Gaudreault
> Gestionnaire de Produit | Product Manager - Cloud Platform & Services
> t:514-629-6775
>
> CloudOps Votre partenaire infonuagique | Cloud Solutions Experts
> 420 rue Guy | Montreal | Quebec | H3J 1S6
> w: cloudops.com | tw: @CloudOps_
>
>

[GitHub] cloudstack-docs-admin pull request: moved ldap.firstname.attribute...

[karuturi]

GitHub user karuturi opened a pull request:

https://github.com/apache/cloudstack-docs-admin/pull/17

moved ldap.firstname.attribute to the correct section.



You can merge this pull request into a Git repository by running:

$ git pull https://github.com/karuturi/cloudstack-docs-admin 4.3-ldap-format

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/cloudstack-docs-admin/pull/17.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #17


commit 4955c529b62e49f75ab952fe09a2a526a1429ba0
Author: Rajani Karuturi 
Date:   2014-08-27T04:30:36Z

moved ldap.firstname.attribute to the correct section.




---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] cloudstack-docs-admin pull request: moved ldap.firstname.attribute...

[asfgit]

Github user asfgit closed the pull request at:

https://github.com/apache/cloudstack-docs-admin/pull/17


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Re: CI: simulator tests and jenkins

[Rajani Karuturi]

build failure emails are bothering me.

I am ready to help fix it if we agree to give it some attention after each
checkin.

If not can we at least disable the job?


~Rajani


On Mon, Aug 25, 2014 at 2:54 PM, Rajani Karuturi  wrote:

> We are discussing on the CI infra and the tests/hardware required. It is a
> much needed discussion. Its something which everybody agrees that we
> require.
>
> Can we take a step back and look at out existing jenkins setup?
> No CI system would help us if we dont look at it.
>
> We have [simulator-singlerun] job there which I believe runs after every
> commit and executes all the simulator based tests. (I am not sure on this.
> Can someone confirm?)
> This job has been failing for the past 100+ builds with 1 consistent
> failure and a few no ones here and there.
> Can we give enough attention to this please and fix any failures
> immediately?
>
>  We also have a [hotfix-trigger] which is run on any branch with name
> matching hotfix*
>
> Anybody aware of any such job which runs test cases/does sanity checking?
>
> [simulator-singlerun]
> http://jenkins.buildacloud.org/job/simulator-singlerun/
> [hotfix-trigger]
> http://jenkins.buildacloud.org/view/simulator/job/simulator-hotfix-trigger/
>
> ~Rajani
>

Re: Review Request 24055: CLOUDSTACK-2251: Automation test cases for feature - Dedicated guest VLAN ranges per tenant

[Ashutosh Kelkar]

> On Aug. 18, 2014, 5:36 a.m., sanjeev n wrote:
> > test/integration/component/test_dedicate_guest_vlan_ranges.py, line 1197
> > 
> >
> > This assert statement does not make sense because no vlan would be 
> > assigned to the network created here. Not sure what would be the value of 
> > netowrks[0].vlan when there is no vlan assigned for the network.
> 
> Ashutosh Kelkar wrote:
> Why would there be no vlan assigned? The network takes vlan from the 
> dedicated range automatically, and if dedicated range is not availble, then 
> it will take random vlan from the vlan range of physical network.

I have used persistent network here, hence it will automatically get a vlan id 
even when VM is not deployed in it.


- Ashutosh


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/24055/#review50850
---


On Aug. 22, 2014, 10:14 a.m., Ashutosh Kelkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/24055/
> ---
> 
> (Updated Aug. 22, 2014, 10:14 a.m.)
> 
> 
> Review request for cloudstack, suresh sadhu, sailaja mada, sanjeev n, and 
> Sowmya Krishnan.
> 
> 
> Bugs: CLOUDSTACK-2251
> https://issues.apache.org/jira/browse/CLOUDSTACK-2251
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> Automation test cases for feature - Dedicated guest VLAN ranges per tenant
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_dedicate_guest_vlan_ranges.py PRE-CREATION 
>   tools/marvin/marvin/lib/base.py f0d53a6 
>   tools/marvin/marvin/lib/common.py 3706456 
> 
> Diff: https://reviews.apache.org/r/24055/diff/
> 
> 
> Testing
> ---
> 
> Yes.
> 
> 
> Thanks,
> 
> Ashutosh Kelkar
> 
>

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Erik Weber]

On Wed, Aug 27, 2014 at 1:04 AM, John Kinsella  wrote:

>
> On Aug 26, 2014, at 1:34 PM, Erik Weber  wrote:
> > If I understand correctly, we currently deploy a web server on port 8080
> on
>
> Slight correction: A processes on the VR listens on port 8080, and hands
> any connections to a UNIX script. Calling it a "web server" is way too kind.
>
>

Thanks for the clarification :-)



> Also, you’re just looking at the unix use-case. The Windows agent is close
> sourced the last I checked.
>
>
You're right, I haven't checked the Windows part. I see that cloudbase-init
is ASL2, but I haven't verified if it works in this scenario or not, ie. I
don't know if they have the ACS provider.



> Cloud-init doesn’t feel like the best solution, as the one good thing the
> current setup does is remove the password from the VR after it’s fetched.
>
> Thought there was a bug filed on this, but I don’t see it?
>
>

Re: [DISCUSS] Changing the way password reset works, or allowing the cloud-init way

[Erik Weber]

On Wed, Aug 27, 2014 at 4:47 AM, Marcus  wrote:

> We had set up an agent in the VM that listens on the virtio serial port,
> similar to how the virtual router gets its configurations now in KVM. Host
> to guest communication is an option, and is fairly standardized (qemu guest
> agent, VMware tools, xen tools). It takes a little more work to write a
> daemon, but you could do a lot more with it.
>
>   I'm not entirely convinced the current design is broken enough to warrant
> a redesign (or at least I wouldn't want to see compatibility go away).
>


I'm not saying it is broken in any way. I'm just saying that considering
the fact that most people already use cloud-init for keys or bootstrapping
or whatever, it would be great if we atleast discuss the possibility to
somehow provide it with password resets as well.

I'm not directly suggesting that we ditch the current way to do password
resets either, I don't mind it being there.

After all using cloud-init to password reset is currently working, but that
you cannot update user-data after vm launch is a limiting factor in ACS.
If we had that, which I think we should regardless of passwords, we could
easily document how to do it as a first phase thing.


-- 
Erik

Re: Review Request 23819: CLOUDSTACK-2251: Automation tests for dedicated public IP addreses per tenant feature

[Ashutosh Kelkar]

> On Aug. 18, 2014, 12:19 p.m., sanjeev n wrote:
> > test/integration/component/test_dedicate_public_ip_range.py, line 920
> > 
> >
> > What is the need for acquiring ip address here? Not deploying any vms 
> > in the netowrk so why do we need IP address for source nat?

I will be working on this patch.
Apparently we can't add a guest network without source nat, the network 
offering does not list out when we try to create a network with network 
offering which does not provide source nat.

And when the source nat service is enabled for a network, the first public IP 
acquired is used for source nat and we can't disassociate it.


> On Aug. 18, 2014, 12:19 p.m., sanjeev n wrote:
> > test/integration/component/test_dedicate_public_ip_range.py, line 1080
> > 
> >
> > Add code to verify the ip range release is success or not.

Will do.

I will add the patch with review changes through my account.


- Ashutosh


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/23819/#review50869
---


On July 22, 2014, 5:52 p.m., Girish Shilamkar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/23819/
> ---
> 
> (Updated July 22, 2014, 5:52 p.m.)
> 
> 
> Review request for cloudstack, sanjeev n and SrikanteswaraRao Talluri.
> 
> 
> Bugs: CLOUDSTACK-2251
> https://issues.apache.org/jira/browse/CLOUDSTACK-2251
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> ---
> 
> CLOUDSTACK-2251: Automation tests for dedicated public IP addreses per tenant 
> feature
> 
> 
> Diffs
> -
> 
>   test/integration/component/test_dedicate_public_ip_range.py PRE-CREATION 
>   tools/marvin/marvin/config/test_data.py 3cd4b6c 
>   tools/marvin/marvin/lib/base.py 1a32275 
> 
> Diff: https://reviews.apache.org/r/23819/diff/
> 
> 
> Testing
> ---
> 
> Yes
> 
> 
> Thanks,
> 
> Girish Shilamkar
> 
>