[GitHub] rhtyd commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
rhtyd commented on a change in pull request #13: Update Quick Installation Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228724845
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -71,75 +71,107 @@ CloudStack. We will go over the steps to prepare now.
 Operating System
 
 
-Using the CentOS 6.8 x86_64 minimal install ISO, you'll need to install CentOS 
6 
+Using the CentOS 7.5 x86_64 install ISO, you'll need to install CentOS 7 
 on your hardware. The defaults will generally be acceptable for this 
-installation.
+installation. You may want to configure network configuration during
+setup - either using the guidelines below, or using a standard access
+configuration which we will modify later.
 
-Once this installation is complete, you'll want to connect to your freshly 
-installed machine via SSH as the root user. Note that you should not allow 
-root logins in a production environment, so be sure to turn off remote logins 
-once you have finished the installation and configuration.
+Once this installation is complete, you'll want to gain access to your
+server - through SSH (if network is configured) or connected peripherals.
+Note that you should not allow remote root logins in a production
+environment, so be sure to turn off this feature once the installation
+and configuration is complete. 
+
+If your network interface was configured to grant the server internet
+access, it is always wise to update the system before starting: 
+
+.. parsed-literal::
+   # yum -y upgrade
 
 
 .. _conf-network:
 
 Configuring the network
 ^^^
 
-By default the network will not come up on your hardware and you will need to 
-configure it to work in your environment. Since we specified that there will 
-be no DHCP server in this environment we will be manually configuring your 
-network interface. We will assume, for the purposes of this exercise, that 
-eth0 is the only network interface that will be connected and used.
-
-Connecting via the console you should login as root. Check the file 
-/etc/sysconfig/network-scripts/ifcfg-eth0, it will look like this by default:
-
-::
-
-   DEVICE="eth0"
-   HWADDR="52:54:00:B9:A6:C0"
-   NM_CONTROLLED="yes"
-   ONBOOT="no"
+Unless you have configured it during install, which will not be covered by
+this guide, the network interface will not come up on your hardware and you
+will need to configure it to work in your environment. Since we specified 
+that there will be no DHCP server in this environment we will be manually 
+configuring your network interface. 
 
-Unfortunately, this configuration will not permit you to connect to the 
-network, and is also unsuitable for our purposes with CloudStack. We want to 
-configure that file so that it specifies the IP address, netmask, etc., as 
-shown in the following example:
+Connecting via the console you should login as root. We will start by creating
+the bridge that Cloudstack will use for networking. Create and open
+/etc/sysconfig/network-scripts/ifcfg-cloudbr0 and add the following settings:
 
 .. note:: 
-   You should not use the Hardware Address (aka the MAC address) from our 
-   example for your configuration. It is network interface specific, so you 
-   should keep the address already provided in the HWADDR directive.
-
-:: 
+   IP Addressing - Throughout this document we are assuming that you will have 
+   a /24 network for your CloudStack implementation. This can be any RFC 1918 
+   network. However, we are assuming that you will match the machine address 
+   that we are using. Thus we may use 172.16.10.2 and because you might be 
+   using the 192.168.55.0/24 network you would use 192.168.55.2
+   
+::
 
-   DEVICE=eth0
-   HWADDR=52:54:00:B9:A6:C0
-   NM_CONTROLLED=no
+   DEVICE=cloudbr0
+   TYPE=Bridge
ONBOOT=yes
BOOTPROTO=none
 
 Review comment:
   `BOOTPROTO=static`. You may add the following:
   ```
   DELAY=0
   STP=yes
   USERCTL=no
   NM_CONTROLLED=no
   ```


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] rhtyd commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
rhtyd commented on a change in pull request #13: Update Quick Installation Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228724909
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -71,75 +71,107 @@ CloudStack. We will go over the steps to prepare now.
 Operating System
 
 
-Using the CentOS 6.8 x86_64 minimal install ISO, you'll need to install CentOS 
6 
+Using the CentOS 7.5 x86_64 install ISO, you'll need to install CentOS 7 
 on your hardware. The defaults will generally be acceptable for this 
-installation.
+installation. You may want to configure network configuration during
+setup - either using the guidelines below, or using a standard access
+configuration which we will modify later.
 
-Once this installation is complete, you'll want to connect to your freshly 
-installed machine via SSH as the root user. Note that you should not allow 
-root logins in a production environment, so be sure to turn off remote logins 
-once you have finished the installation and configuration.
+Once this installation is complete, you'll want to gain access to your
+server - through SSH (if network is configured) or connected peripherals.
+Note that you should not allow remote root logins in a production
+environment, so be sure to turn off this feature once the installation
+and configuration is complete. 
+
+If your network interface was configured to grant the server internet
+access, it is always wise to update the system before starting: 
+
+.. parsed-literal::
+   # yum -y upgrade
 
 
 .. _conf-network:
 
 Configuring the network
 ^^^
 
-By default the network will not come up on your hardware and you will need to 
-configure it to work in your environment. Since we specified that there will 
-be no DHCP server in this environment we will be manually configuring your 
-network interface. We will assume, for the purposes of this exercise, that 
-eth0 is the only network interface that will be connected and used.
-
-Connecting via the console you should login as root. Check the file 
-/etc/sysconfig/network-scripts/ifcfg-eth0, it will look like this by default:
-
-::
-
-   DEVICE="eth0"
-   HWADDR="52:54:00:B9:A6:C0"
-   NM_CONTROLLED="yes"
-   ONBOOT="no"
+Unless you have configured it during install, which will not be covered by
+this guide, the network interface will not come up on your hardware and you
+will need to configure it to work in your environment. Since we specified 
+that there will be no DHCP server in this environment we will be manually 
+configuring your network interface. 
 
-Unfortunately, this configuration will not permit you to connect to the 
-network, and is also unsuitable for our purposes with CloudStack. We want to 
-configure that file so that it specifies the IP address, netmask, etc., as 
-shown in the following example:
+Connecting via the console you should login as root. We will start by creating
+the bridge that Cloudstack will use for networking. Create and open
+/etc/sysconfig/network-scripts/ifcfg-cloudbr0 and add the following settings:
 
 .. note:: 
-   You should not use the Hardware Address (aka the MAC address) from our 
-   example for your configuration. It is network interface specific, so you 
-   should keep the address already provided in the HWADDR directive.
-
-:: 
+   IP Addressing - Throughout this document we are assuming that you will have 
+   a /24 network for your CloudStack implementation. This can be any RFC 1918 
+   network. However, we are assuming that you will match the machine address 
+   that we are using. Thus we may use 172.16.10.2 and because you might be 
+   using the 192.168.55.0/24 network you would use 192.168.55.2
+   
+::
 
-   DEVICE=eth0
-   HWADDR=52:54:00:B9:A6:C0
-   NM_CONTROLLED=no
+   DEVICE=cloudbr0
+   TYPE=Bridge
ONBOOT=yes
BOOTPROTO=none
+   IPV6INIT=no
+   IPV6_AUTOCONF=no
+   DELAY=5
IPADDR=172.16.10.2
-   NETMASK=255.255.255.0
GATEWAY=172.16.10.1
+   NETMASK=255.255.255.0
DNS1=8.8.8.8
DNS2=8.8.4.4
 
-.. note:: 
-   IP Addressing - Throughout this document we are assuming that you will have 
-   a /24 network for your CloudStack implementation. This can be any RFC 1918 
-   network. However, we are assuming that you will match the machine address 
-   that we are using. Thus we may use 172.16.10.2 and because you might be 
-   using the 192.168.55.0/24 network you would use 192.168.55.2
+Save the configuration and exit. We will then edit the interface so that it
+makes use of this bridge. Enter this command to find your interfaces: 
+
+.. note::
+   CentOS 7 has implemented 'Predictable Network Interface 
Names'_
 and as such, 
+   the following instructions will depend on your configuration, and interface
+   names are used only for the sake of simplicity.
+
+.. parsed-literal::
+   # ls /etc/sysconfig/networ

[GitHub] rhtyd commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
rhtyd commented on a change in pull request #13: Update Quick Installation Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228724972
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -308,37 +341,50 @@ Now you'll need uncomment the configuration values in 
the file
STATD_OUTGOING_PORT=2020
 
 Now we need to configure the firewall to permit incoming NFS connections. 
-Edit the file /etc/sysconfig/iptables
+Create firewalldnfs.sh, and add the following content to it: 
 
 .. parsed-literal::
 
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 111 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 111 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 2049 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 32803 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 32769 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 892 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 892 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 875 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 875 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 662 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 662 -j ACCEPT
-
-Now you can restart the iptables service with the following command:
+   #!/bin/bash
+
+   firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 10 -m state 
--state ESTABLISHED,RELATED -j ACCEPT
 
 Review comment:
   Firewall rules may be further simplified, for example as:
   ```
   iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 1798 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 16509 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT
   iptables-save > /etc/sysconfig/iptables
   ```
   Avoid firewall-cmd which I'm not if it's available by default.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] rhtyd commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
rhtyd commented on a change in pull request #13: Update Quick Installation Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228724972
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -308,37 +341,50 @@ Now you'll need uncomment the configuration values in 
the file
STATD_OUTGOING_PORT=2020
 
 Now we need to configure the firewall to permit incoming NFS connections. 
-Edit the file /etc/sysconfig/iptables
+Create firewalldnfs.sh, and add the following content to it: 
 
 .. parsed-literal::
 
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 111 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 111 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 2049 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 32803 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 32769 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 892 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 892 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 875 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 875 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 662 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 662 -j ACCEPT
-
-Now you can restart the iptables service with the following command:
+   #!/bin/bash
+
+   firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 10 -m state 
--state ESTABLISHED,RELATED -j ACCEPT
 
 Review comment:
   Firewall rules may be further simplified, for example as:
   ```
   iptables -I INPUT -p tcp -m tcp --dport 22 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 1798 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 16509 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT
   iptables -I INPUT -p tcp -m tcp --dport 49152:49216 -j ACCEPT
   iptables-save > /etc/sysconfig/iptables
   ```
   Avoid firewall-cmd which I'm not if it's available by default.
   You can use iptables-save to persist any iptables rules.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] rhtyd commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
rhtyd commented on a change in pull request #13: Update Quick Installation Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228724995
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -453,7 +506,7 @@ the system VMs images.
   

/usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt \
-m /export/secondary \
-   -u 
http://download.cloudstack.org/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
 \
+   -u 
http://download.cloudstack.org/systemvm/4.11/systemvmtemplate-4.11.0-kvm.qcow2.bz2
 \
 
 Review comment:
   use the `4.11.1` template.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Caching / Ehcache

2018-10-27 Thread Marc-Aurèle Brothier 
Hi everyone,

(Again as the email formatting has been removed and was hard to read -
I hope it will be better this time).

While trying to lower the DB load for CloudStack I did some long
testing and here are my outcomes for the current cache mechanism in
CloudStack.

I would be interested to hear from people who try to customize the
ehcache configuration in CS. A PR (
https://github.com/apache/cloudstack/pull/2913) is also open to
desactivate (before deleting) ehcache in CS, read below to understand
why.


# Problems

The code in CS does not seem to fit any caching mechanism especially
due to the homemade DAO code. The main 3 flaws are the following:

## Entities are not expected to be shared

There is quite a lot of code with method calls passing entity IDs value
as long, which does some object fetching. Without caching, this
behavior will create distinct objects each time an entity with the same
ID is fetched. With the cache enabled, the same object will be shared
among those methods. It has been seen that it does generate some side
effects where code still expected unchanged entity attributes after
calling different methods thus generating exception/bugs.

## DAO update operations are using search queries

Some part of the code are updating entities based on a search query,
therefore the whole cache must be invalidated (see GenericDaoBase:
public int update(UpdateBuilder ub, final SearchCriteria sc, Integer
rows);).

## Entities based on views joining multiple tables

There are quite a lot of entities based on SQL views joining multiple
entities in a same object. Enabling caching on those would require a
mechanism to link and cross-remove related objects whenever one of the
sub-entity is changed.


# Final word

Based on the previously discussed points, the best approach IMHO would
be to move out of the custom DAO framework in CS and use a well known
one. It will handle caching well and the joins made by the views in the
code. It's not an easy change, but it will fix along a lot of issues
and add a proven / robust framework to an important part of the code.

The work to change the DAO layer is a huge task, I don't know how / who
will perform it.

What are the proposals for a new DAO framework ?


FYI I will stop working for Exoscale at the end of the month, so I
won't be able to tackle such challenge as I won't be working with CS
anymore. I'll try my best to continue looking at the project to give my
insights and share the experienced I have with CS.


Marc-Aurèle

[GitHub] rhtyd commented on issue #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
rhtyd commented on issue #13: Update Quick Installation Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#issuecomment-433651590
 
 
   @AlexBeez please find my review comments, FYI I use a KVM+CentOS7 based dev 
env for which this is the config I use: 
https://github.com/rhtyd/monkeybox/blob/master/centos7-kvm/scripts/03cloud.sh


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] AlexBeez commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
AlexBeez commented on a change in pull request #13: Update Quick Installation 
Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228728042
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -71,75 +71,107 @@ CloudStack. We will go over the steps to prepare now.
 Operating System
 
 
-Using the CentOS 6.8 x86_64 minimal install ISO, you'll need to install CentOS 
6 
+Using the CentOS 7.5 x86_64 install ISO, you'll need to install CentOS 7 
 on your hardware. The defaults will generally be acceptable for this 
-installation.
+installation. You may want to configure network configuration during
+setup - either using the guidelines below, or using a standard access
+configuration which we will modify later.
 
-Once this installation is complete, you'll want to connect to your freshly 
-installed machine via SSH as the root user. Note that you should not allow 
-root logins in a production environment, so be sure to turn off remote logins 
-once you have finished the installation and configuration.
+Once this installation is complete, you'll want to gain access to your
+server - through SSH (if network is configured) or connected peripherals.
+Note that you should not allow remote root logins in a production
+environment, so be sure to turn off this feature once the installation
+and configuration is complete. 
+
+If your network interface was configured to grant the server internet
+access, it is always wise to update the system before starting: 
+
+.. parsed-literal::
+   # yum -y upgrade
 
 
 .. _conf-network:
 
 Configuring the network
 ^^^
 
-By default the network will not come up on your hardware and you will need to 
-configure it to work in your environment. Since we specified that there will 
-be no DHCP server in this environment we will be manually configuring your 
-network interface. We will assume, for the purposes of this exercise, that 
-eth0 is the only network interface that will be connected and used.
-
-Connecting via the console you should login as root. Check the file 
-/etc/sysconfig/network-scripts/ifcfg-eth0, it will look like this by default:
-
-::
-
-   DEVICE="eth0"
-   HWADDR="52:54:00:B9:A6:C0"
-   NM_CONTROLLED="yes"
-   ONBOOT="no"
+Unless you have configured it during install, which will not be covered by
+this guide, the network interface will not come up on your hardware and you
+will need to configure it to work in your environment. Since we specified 
+that there will be no DHCP server in this environment we will be manually 
+configuring your network interface. 
 
-Unfortunately, this configuration will not permit you to connect to the 
-network, and is also unsuitable for our purposes with CloudStack. We want to 
-configure that file so that it specifies the IP address, netmask, etc., as 
-shown in the following example:
+Connecting via the console you should login as root. We will start by creating
+the bridge that Cloudstack will use for networking. Create and open
+/etc/sysconfig/network-scripts/ifcfg-cloudbr0 and add the following settings:
 
 .. note:: 
-   You should not use the Hardware Address (aka the MAC address) from our 
-   example for your configuration. It is network interface specific, so you 
-   should keep the address already provided in the HWADDR directive.
-
-:: 
+   IP Addressing - Throughout this document we are assuming that you will have 
+   a /24 network for your CloudStack implementation. This can be any RFC 1918 
+   network. However, we are assuming that you will match the machine address 
+   that we are using. Thus we may use 172.16.10.2 and because you might be 
+   using the 192.168.55.0/24 network you would use 192.168.55.2
+   
+::
 
-   DEVICE=eth0
-   HWADDR=52:54:00:B9:A6:C0
-   NM_CONTROLLED=no
+   DEVICE=cloudbr0
+   TYPE=Bridge
ONBOOT=yes
BOOTPROTO=none
+   IPV6INIT=no
+   IPV6_AUTOCONF=no
+   DELAY=5
IPADDR=172.16.10.2
-   NETMASK=255.255.255.0
GATEWAY=172.16.10.1
+   NETMASK=255.255.255.0
DNS1=8.8.8.8
DNS2=8.8.4.4
 
-.. note:: 
-   IP Addressing - Throughout this document we are assuming that you will have 
-   a /24 network for your CloudStack implementation. This can be any RFC 1918 
-   network. However, we are assuming that you will match the machine address 
-   that we are using. Thus we may use 172.16.10.2 and because you might be 
-   using the 192.168.55.0/24 network you would use 192.168.55.2
+Save the configuration and exit. We will then edit the interface so that it
+makes use of this bridge. Enter this command to find your interfaces: 
+
+.. note::
+   CentOS 7 has implemented 'Predictable Network Interface 
Names'_
 and as such, 
+   the following instructions will depend on your configuration, and interface
+   names are used only for the sake of simplicity.
+
+.. parsed-literal::
+   # ls /etc/sysconfig/ne

[GitHub] AlexBeez commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
AlexBeez commented on a change in pull request #13: Update Quick Installation 
Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228728113
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -308,37 +341,50 @@ Now you'll need uncomment the configuration values in 
the file
STATD_OUTGOING_PORT=2020
 
 Now we need to configure the firewall to permit incoming NFS connections. 
-Edit the file /etc/sysconfig/iptables
+Create firewalldnfs.sh, and add the following content to it: 
 
 .. parsed-literal::
 
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 111 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 111 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 2049 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 32803 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 32769 -j 
ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 892 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 892 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 875 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 875 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p tcp --dport 662 -j ACCEPT
-   -A INPUT -s 172.16.10.0/24 -m state --state NEW -p udp --dport 662 -j ACCEPT
-
-Now you can restart the iptables service with the following command:
+   #!/bin/bash
+
+   firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 10 -m state 
--state ESTABLISHED,RELATED -j ACCEPT
 
 Review comment:
   As per the discussion with Andrija, it's been elected that since this guide 
is meant to provide a test environment and shouldn't be used for production, 
this section will be removed in favor of disabling the firewall entirely. 
   
   (firewall-cmd IS the default for CentOS 7, and any changes not made by it 
are at risk of being overwritten as long as it's enabled - at least I think 
that's the behavior)


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] AlexBeez commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
AlexBeez commented on a change in pull request #13: Update Quick Installation 
Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228728136
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -71,75 +71,107 @@ CloudStack. We will go over the steps to prepare now.
 Operating System
 
 
-Using the CentOS 6.8 x86_64 minimal install ISO, you'll need to install CentOS 
6 
+Using the CentOS 7.5 x86_64 install ISO, you'll need to install CentOS 7 
 on your hardware. The defaults will generally be acceptable for this 
-installation.
+installation. You may want to configure network configuration during
+setup - either using the guidelines below, or using a standard access
+configuration which we will modify later.
 
-Once this installation is complete, you'll want to connect to your freshly 
-installed machine via SSH as the root user. Note that you should not allow 
-root logins in a production environment, so be sure to turn off remote logins 
-once you have finished the installation and configuration.
+Once this installation is complete, you'll want to gain access to your
+server - through SSH (if network is configured) or connected peripherals.
+Note that you should not allow remote root logins in a production
+environment, so be sure to turn off this feature once the installation
+and configuration is complete. 
+
+If your network interface was configured to grant the server internet
+access, it is always wise to update the system before starting: 
+
+.. parsed-literal::
+   # yum -y upgrade
 
 
 .. _conf-network:
 
 Configuring the network
 ^^^
 
-By default the network will not come up on your hardware and you will need to 
-configure it to work in your environment. Since we specified that there will 
-be no DHCP server in this environment we will be manually configuring your 
-network interface. We will assume, for the purposes of this exercise, that 
-eth0 is the only network interface that will be connected and used.
-
-Connecting via the console you should login as root. Check the file 
-/etc/sysconfig/network-scripts/ifcfg-eth0, it will look like this by default:
-
-::
-
-   DEVICE="eth0"
-   HWADDR="52:54:00:B9:A6:C0"
-   NM_CONTROLLED="yes"
-   ONBOOT="no"
+Unless you have configured it during install, which will not be covered by
+this guide, the network interface will not come up on your hardware and you
+will need to configure it to work in your environment. Since we specified 
+that there will be no DHCP server in this environment we will be manually 
+configuring your network interface. 
 
-Unfortunately, this configuration will not permit you to connect to the 
-network, and is also unsuitable for our purposes with CloudStack. We want to 
-configure that file so that it specifies the IP address, netmask, etc., as 
-shown in the following example:
+Connecting via the console you should login as root. We will start by creating
+the bridge that Cloudstack will use for networking. Create and open
+/etc/sysconfig/network-scripts/ifcfg-cloudbr0 and add the following settings:
 
 .. note:: 
-   You should not use the Hardware Address (aka the MAC address) from our 
-   example for your configuration. It is network interface specific, so you 
-   should keep the address already provided in the HWADDR directive.
-
-:: 
+   IP Addressing - Throughout this document we are assuming that you will have 
+   a /24 network for your CloudStack implementation. This can be any RFC 1918 
+   network. However, we are assuming that you will match the machine address 
+   that we are using. Thus we may use 172.16.10.2 and because you might be 
+   using the 192.168.55.0/24 network you would use 192.168.55.2
+   
+::
 
-   DEVICE=eth0
-   HWADDR=52:54:00:B9:A6:C0
-   NM_CONTROLLED=no
+   DEVICE=cloudbr0
+   TYPE=Bridge
ONBOOT=yes
BOOTPROTO=none
 
 Review comment:
   Changes have been implemented.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] AlexBeez commented on a change in pull request #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
AlexBeez commented on a change in pull request #13: Update Quick Installation 
Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#discussion_r228728191
 
 

 ##
 File path: source/quickinstallationguide/qig.rst
 ##
 @@ -453,7 +506,7 @@ the system VMs images.
   

/usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt \
-m /export/secondary \
-   -u 
http://download.cloudstack.org/systemvm/4.6/systemvm64template-4.6.0-kvm.qcow2.bz2
 \
+   -u 
http://download.cloudstack.org/systemvm/4.11/systemvmtemplate-4.11.0-kvm.qcow2.bz2
 \
 
 Review comment:
   I'm not sure where this has been pulled from - the QIG-Update-CentOS7 branch 
in my repo already has been updated to use the 4.11 templates. 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] AlexBeez commented on issue #13: Update Quick Installation Guide

2018-10-27 Thread GitBox 
AlexBeez commented on issue #13: Update Quick Installation Guide
URL: 
https://github.com/apache/cloudstack-documentation/pull/13#issuecomment-433660319
 
 
   Changes that have been understood have been implemented.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services