to 4.1 from 3.0.2 testing upgrade?
I see that vote for 4.1 release will probably succeed. I wonder has any1 tested upgrade from 3.0.2. to 4.1? It is supposed to work, but i'm asking anyway, because we tried to upgrade our 3.0.2 to 4.0.2 and it failed last time due to database upgrades missing. Hopefully upgrade will work this time for 3.0.2 with advanced networking setup and XenServer 6.0.2. Regards, F.
CS 3.0.2 -> 4.1.0 upgrade instruction fail
Hi all,
there are many errors in release notes for upgrade form CS 3.0.2 to 4.0.1.
Here are just a few, from the top of my head. I suggest you correct them.
1. Location of config files is not at /etc/cloud/ but rather at
/etc/cloudstack now.
2. components.xml is nowhere to be found in /etc/cloudstack
3. server.xml generation failed, because i had enabled ssl in it. It
required me to generate them from scratch.
4. There were no instructions for enabling https, anywhere. I had to fix
server.xml and tomcat6.xml to use my certificate.
5. cloud-sysvmadm is nonexistent. I think there is cloudstack-sys.. Also
switches are wrong.
6. Python and bash scripts are now located
/usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/xenserver60/ instead
of /usr/lib64/cloud/common/ scripts/vm/hypervisor/
xenserver/xenserver60/ as documentation would tell you.
7. for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk
'{print $NF}'`; do xe pbd-plug uuid=$pbd ; doesn't work:
[root@x1 ~]# for pbd in `xe pbd-list currently-attached=false| grep
^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd
>
...
there is also issue with console proxy not working after the upgrade,
but i'll send another mail for that.
Regards,
F.
Re: CS 3.0.2 -> 4.1.0 upgrade instruction fail
I fixed the nonworking console proxy by destroying it.
Actually cloudstack fixed it, by creating new one. :-)
So i won't send another mail.
On 22/6/13 4:23 PM, France wrote:
Hi all,
there are many errors in release notes for upgrade form CS 3.0.2 to
4.0.1.
Here are just a few, from the top of my head. I suggest you correct them.
1. Location of config files is not at /etc/cloud/ but rather at
/etc/cloudstack now.
2. components.xml is nowhere to be found in /etc/cloudstack
3. server.xml generation failed, because i had enabled ssl in it. It
required me to generate them from scratch.
4. There were no instructions for enabling https, anywhere. I had to
fix server.xml and tomcat6.xml to use my certificate.
5. cloud-sysvmadm is nonexistent. I think there is cloudstack-sys..
Also switches are wrong.
6. Python and bash scripts are now located
/usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/xenserver60/
instead of /usr/lib64/cloud/common/ scripts/vm/hypervisor/
xenserver/xenserver60/ as documentation would tell you.
7. for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk
'{print $NF}'`; do xe pbd-plug uuid=$pbd ; doesn't work:
[root@x1 ~]# for pbd in `xe pbd-list currently-attached=false| grep
^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd
>
...
there is also issue with console proxy not working after the upgrade,
but i'll send another mail for that.
Regards,
F.
Re: system VMS stuck in 'Starting' state.
Your assumptions are correct. I've done it like this. Ofcourse you must select appropriate status: use cloud update vm_instance set state='Running' where id='293'; Regards, F. On 27/6/13 9:30 AM, Maurice Lawler wrote: Hello, How can I manipulate the database to tell CS that the system VMS are stopped and not 'Starting' along with that; once stopped I can then either restart them and or destroy and let then system recreate, correct?
Secondary storage disk space in 4.1.
Hi all. I've recently run into an issue on two of my secondary storage NFS servers. They were full (ie. no disk space). I upgraded from 3.0.2 past weekend; storage was full before upgrade. Since then i've integrated sec storages into our notification system to be notified, but i still wonder how can that be? ( storage.overprovisioning.factor is set to 1, zone.secstorage.capacity.notificationthreshold is se to 0.75). Does/shoud cloudstack 4.1 check for the amount of storage space on secondary storage nodes? Can that measurement be seen somewhere in web GUI for a specific secondary storage? I've tried asking on IRC but failed to get an answer. Tnx and Regards, F.
Re: system VMS stuck in 'Starting' state.
Just do a select * and look at the data. I found mine by name. Everything else should be clear to you then. If not, learn basic SQL. On Jun 27, 2013, at 8:02 PM, Maurice Lawler wrote: > Is ‘ID’ the UUID, the long string of letters/numbers. If not, how would I get > the correct ID? > > > > - Maurice > On Jun 27, 2013, at 3:16 AM, France wrote: > >> Your assumptions are correct. >> >> I've done it like this. Ofcourse you must select appropriate status: >> use cloud >> update vm_instance set state='Running' where id='293'; >> >> Regards, >> F. >> >> On 27/6/13 9:30 AM, Maurice Lawler wrote: >>> Hello, >>> >>> How can I manipulate the database to tell CS that the system VMS are >>> stopped and not 'Starting' along with that; once stopped I can then either >>> restart them and or destroy and let then system recreate, correct? >
Re: CloudStack SSL on 4.1.0
If you use a different location for your ssl certificate or different type, you must set it in tomcat6 configuration also. On 28/6/13 2:28 AM, Musayev, Ilya wrote: Thanks Marcus, it was a problem between the keyboard and the chair! -Original Message- From: Marcus Sorensen [mailto:shadow...@gmail.com] Sent: Thursday, June 27, 2013 8:00 PM To: dev@cloudstack.apache.org Subject: Re: CloudStack SSL on 4.1.0 I'm running SSL, I opened server.xml and added the "Connector" section pointing to my keystore with the password: On Thu, Jun 27, 2013 at 5:45 PM, Musayev, Ilya wrote: I will file this as a bug If I get no response :( -Original Message- From: Musayev, Ilya [mailto:imusa...@webmd.net] Sent: Thursday, June 27, 2013 6:58 PM To: dev@cloudstack.apache.org Subject: CloudStack SSL on 4.1.0 Has anyone been able to get CloudStack 4.1.0 to work with SSL on 8443? I cannot, no matter what I tried. I was able to get 4.0 to work, but 4.1.0 would not. Nothing useful at logs :( Thanks ilya
Re: any feedback of upgrading cloudstack from 3.0.2 to 4.1 with xenserver 6.0.2 hosts
Hi, i suggest, you send only to one mailing list at a time. :-) I've sent a similar question before our upgrade, but didn't get a response, so I understand your position. We have recently upgraded 3.0.2 to 4.1 and all hotfixes on XenServer to date for 6.0.2. Install went with some problems, but mainly because lack of accurate documentation. Here is a bug submitted for that: https://issues.apache.org/jira/browse/CLOUDSTACK-3138 When upgrading XenServers, just be sure to unmanage cluster or stop Cloudstack, so it won't select another master. Also backup Cloudstack server before upgrade, so there will be a downgrade path if it fails. Upgrade cloudstack with it's VM's first, then XenServers. Good luck. :-) Regards, F. System works otherwise. On 4/7/13 11:55 PM, William Jiang wrote: Hi, We have a plan to upgrade cloudstack 3.0.2 to 4.1, we use xenserver 6.0.2 as host servers. Did anyone have run the same upgrade path? Any issues or comments will be great appreciated. For xenserver 6.0.2(with XS602E001 and XS602E002 updates), can we keep this version or it's better upgrade to xenserver 6.1. Thanks, William This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. Ce courrier électronique est confidentiel et protégé. L'expéditeur ne renonce pas aux droits et obligations qui s'y rapportent. Toute diffusion, utilisation ou copie de ce message ou des renseignements qu'il contient par une personne autre que le (les) destinataire(s) désigné(s) est interdite. Si vous recevez ce courrier électronique par erreur, veuillez m'en aviser immédiatement, par retour de courrier électronique ou par un autre moyen.
Re: [VOTE] Apache Cloudstack 4.1.1
Hopefully next vote will succeed because in 4.1 scheduled snapshots are not working. 4.1.1 supposedly has fix included. https://issues.apache.org/jira/browse/CLOUDSTACK-2523
4.1.1 released yet? RPMs?
Hi All, is 4.1.1 officially released? Where are / will be the RPMs and documentation for upgrading form 4.1.0? Regards, F.
Upgrading form 4.1.0 to 4.1.1 success; some issues with console proxy
Hi, i've upgraded XenServers 6.0.2 to latest hotfixes and upgraded CS form 4.1.0 to 4.1.1 (also iscsi HA cluster, but that's not relevant for CS). The only actual problem whas that console proxy didn't reboot successfully using cloudstack-sysvmadm script. It never came up as started, even thou i could see it's running using direct VNC (it seems as it run out of disk space?!?). After manually changing states in vm_instance a couple of times (to Running and finally Stopped), i was able to destroy VM (it didn't succeed using CS UI) and after restarting CS UI a couple of times it finally decided the old console proxy is no more and created new one. After that everything else went well. I might have leftover volume on SR from that console proxy, but i will check it out after a couple of days, to see if it was expunged/deleted. I have to check if there are any orphaned volumes on out HA iscsi disks anyway. Is there a script or a way to check actual lvm devices and compare it to the devices and states in CS db? Regards, F.
Change network functionality?
Hi all. We're use CS 4.1.1. I think there is no way to change network or networks to which VM belongs _after_ it was created. To change the network in which it is, it's required to create template from it and then a new VM. Is there another way? Is functionality to change network in which VM is, in plan for any future releases? If not, would anyone consider adding it? Regards, F.
Re: Change network functionality?
Thank you for your response Chiradeep. I have not tried to use API (yet). Even if i can use something like cloudmonkey to use API from CLI, my users can not. So my question still stands, when it will be or if it's already possible to change network(s) using CS web GUI? And additional question: is it currently possible using API with cloudmonkey on 4.1.1? Has anyone tried? Tnx. F. On 4/9/13 10:45 PM, Chiradeep Vittal wrote: Have you tried addNicToVirtualMachine updateDefaultNicForVirtualMachine removeNicFromVirtualMachine http://goo.gl/qUKIgT On 9/4/13 5:50 AM, "France" wrote: Hi all. We're use CS 4.1.1. I think there is no way to change network or networks to which VM belongs _after_ it was created. To change the network in which it is, it's required to create template >from it and then a new VM. Is there another way? Is functionality to change network in which VM is, in plan for any future releases? If not, would anyone consider adding it? Regards, F.
Re: Change network functionality?
Tnx for info. It was what i needed. i'll just wait till 4.2.(1) comes out and upgrade. :-) Regards, F. On 5/9/13 12:52 PM, Saksham Srivastava wrote: In 4.2, UI functionality for adding/removing and updating default NIC has been added. You may find it in the NIC tab of an instance. I haven't explicitly tried the APIs on 4.1.1, but the APIs should be present there also. Thanks, Saksham -Original Message----- From: France [mailto:mailingli...@isg.si] Sent: Thursday, September 05, 2013 3:50 PM To: dev@cloudstack.apache.org Cc: Chiradeep Vittal Subject: Re: Change network functionality? Thank you for your response Chiradeep. I have not tried to use API (yet). Even if i can use something like cloudmonkey to use API from CLI, my users can not. So my question still stands, when it will be or if it's already possible to change network(s) using CS web GUI? And additional question: is it currently possible using API with cloudmonkey on 4.1.1? Has anyone tried? Tnx. F. On 4/9/13 10:45 PM, Chiradeep Vittal wrote: Have you tried addNicToVirtualMachine updateDefaultNicForVirtualMachine removeNicFromVirtualMachine http://goo.gl/qUKIgT On 9/4/13 5:50 AM, "France" wrote: Hi all. We're use CS 4.1.1. I think there is no way to change network or networks to which VM belongs _after_ it was created. To change the network in which it is, it's required to create template >from it and then a new VM. Is there another way? Is functionality to change network in which VM is, in plan for any future releases? If not, would anyone consider adding it? Regards, F.
Free template repository or marketplace
Hi all, during recent problems creating my own Ubuntu 12.04 LTS PV template to work on CS 4.1.1. with XS 6.0.2, i got the idea, that it would be nice, if i could share my templates with the world. I would also like to get new ones for free. So before i go and create my own public free template repository, (because i could not find one), i would like to ask, does Cloudstack have some sort of marketplace in plans? If so, what's the deadline and are templates going to be free of charge? Regards, F.
Upgrade from 3.0.2 to 4.0.2 fails due to db schema upgrade fail
Hi, as many users before me, who wanted to upgrade to 4.0.2 on CentOS 6.4 using RPMs from http://cloudstack.apt-get.eu/rhel/4.0/ i've hit the same error: INFO [cloud.upgrade.DatabaseIntegrityChecker] (main:) Grabbing lock to check for database integrity. INFO [cloud.upgrade.DatabaseIntegrityChecker] (main:) Performing database integrity check INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) Grabbing lock to check for database upgrade. INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) DB version = 3.0.2 Code Version = 4.0.2.20130420145617 INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) Database upgrade must be performed from 3.0.2 to 4.0.2.20130420145617 ERROR [cloud.upgrade.DatabaseUpgradeChecker] (main:) The end upgrade version is actually at 4.0.0 but our management server code version is at 4.0.2.20130420145617 ERROR [utils.component.ComponentLocator] (main:) Problems with running checker:DatabaseUpgradeChecker com.cloud.utils.exception.CloudRuntimeException: The end upgrade version is actually at 4.0.0 but our management server code version is at 4.0.2.20130420145617 Is there a work-around or do i have to downgrade back and wait for next release? I've looked at /usr/share/cloud/setup/db/ and it really seems there is no upgrade schema from 4.0 to 4.0.2. Please answer a.s.a.p. so i can downgrade and head home. :-) Regards, F.
Re: Upgrade from 3.0.2 to 4.0.2 fails due to db schema upgrade fail
I've searched the web, asked on IRC and found no solution. If there is, i'll be grateful to read it. I'm just going to roll back and work on it another weekend, hopefully by that time, i'll get the schema upgrade scripts. I also think, this should be noted at least in release notes, so people don't loose their time on the same issue. Regards, F. On 11/5/13 2:48 PM, France wrote: Hi, as many users before me, who wanted to upgrade to 4.0.2 on CentOS 6.4 using RPMs from http://cloudstack.apt-get.eu/rhel/4.0/ i've hit the same error: INFO [cloud.upgrade.DatabaseIntegrityChecker] (main:) Grabbing lock to check for database integrity. INFO [cloud.upgrade.DatabaseIntegrityChecker] (main:) Performing database integrity check INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) Grabbing lock to check for database upgrade. INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) DB version = 3.0.2 Code Version = 4.0.2.20130420145617 INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) Database upgrade must be performed from 3.0.2 to 4.0.2.20130420145617 ERROR [cloud.upgrade.DatabaseUpgradeChecker] (main:) The end upgrade version is actually at 4.0.0 but our management server code version is at 4.0.2.20130420145617 ERROR [utils.component.ComponentLocator] (main:) Problems with running checker:DatabaseUpgradeChecker com.cloud.utils.exception.CloudRuntimeException: The end upgrade version is actually at 4.0.0 but our management server code version is at 4.0.2.20130420145617 Is there a work-around or do i have to downgrade back and wait for next release? I've looked at /usr/share/cloud/setup/db/ and it really seems there is no upgrade schema from 4.0 to 4.0.2. Please answer a.s.a.p. so i can downgrade and head home. :-) Regards, F.
Re: Upgrade from 3.0.2 to 4.0.2 fails due to db schema upgrade fail
https://issues.apache.org/jira/browse/CLOUDSTACK-2214 bug is described in URL above. +1 from me. ;-) I wish you nice weekend. F. On 11/5/13 3:08 PM, France wrote: I've searched the web, asked on IRC and found no solution. If there is, i'll be grateful to read it. I'm just going to roll back and work on it another weekend, hopefully by that time, i'll get the schema upgrade scripts. I also think, this should be noted at least in release notes, so people don't loose their time on the same issue. Regards, F. On 11/5/13 2:48 PM, France wrote: Hi, as many users before me, who wanted to upgrade to 4.0.2 on CentOS 6.4 using RPMs from http://cloudstack.apt-get.eu/rhel/4.0/ i've hit the same error: INFO [cloud.upgrade.DatabaseIntegrityChecker] (main:) Grabbing lock to check for database integrity. INFO [cloud.upgrade.DatabaseIntegrityChecker] (main:) Performing database integrity check INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) Grabbing lock to check for database upgrade. INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) DB version = 3.0.2 Code Version = 4.0.2.20130420145617 INFO [cloud.upgrade.DatabaseUpgradeChecker] (main:) Database upgrade must be performed from 3.0.2 to 4.0.2.20130420145617 ERROR [cloud.upgrade.DatabaseUpgradeChecker] (main:) The end upgrade version is actually at 4.0.0 but our management server code version is at 4.0.2.20130420145617 ERROR [utils.component.ComponentLocator] (main:) Problems with running checker:DatabaseUpgradeChecker com.cloud.utils.exception.CloudRuntimeException: The end upgrade version is actually at 4.0.0 but our management server code version is at 4.0.2.20130420145617 Is there a work-around or do i have to downgrade back and wait for next release? I've looked at /usr/share/cloud/setup/db/ and it really seems there is no upgrade schema from 4.0 to 4.0.2. Please answer a.s.a.p. so i can downgrade and head home. :-) Regards, F.
Re: Upgrade from 3.0.2 to 4.0.2 fails due to db schema upgrade fail
On May 13, 2013, at 10:27 AM, Sebastien Goasguen wrote: > > On May 11, 2013, at 9:40 AM, France wrote: > >> https://issues.apache.org/jira/browse/CLOUDSTACK-2214 >> bug is described in URL above. >> +1 from me. ;-) >> >> I wish you nice weekend. >> F. > > France, thanks. We are dealing with a few upgrade bugs at the moment. > > We will get back to you asap. > > -Sebastien Hi Sebastien, i just saw the bug is supposed to be fixed, but won't be released: "CLOUDSTACK-2172 is the resolution to this bug. Since the project will not be releasing a 4.0.3 release, the next version (4.1.0) will have the fix included in it." I would suggest that you still release fixed version and make a fix for 4.0.2. Even if you don't, I still propose, that you at least fix release notes and note, that there is no upgrade path from 3.* to 4.0.2. (Maybe even from 4.0.0 to 4.0.2?) I guess 4.1 is still a long way from being released: https://cwiki.apache.org/CLOUDSTACK/cloudstack-41-release.html because we haven't even hit the code freeze yet. How long do you think we will have to wait for release of 4.1 so we can finally move away from Citrixs release and use Apache one? Regards, F.
Error: The snapshot chain is too long
Hi, i'm using CS 4.1.1 on XS6.0.2 + Hotfixes up to XS602E026. Recently one of our volumes will not get new snapshots created, because of this error: WARN [xen.resource.CitrixResourceBase] (DirectAgent-278:) ManageSnapshotCommand operation: create Failed for snapshotId: 478, reason: SR_BACKEND_FAILURE_109The snapshot chain is too long SR_BACKEND_FAILURE_109The snapshot chain is too long If I check in XenCenter, there are around 30 disks like VM_ROOT-NUM_20140121020342. If i check cloudstack GUI there are only 8 snapshots visible. There are also two errors listed, which i would like to remove. How can i reduce the snapshot chain? Why didn't the old snapshots in the chain get removed? Who's job it is to remove those, Cloudstacks or XenServers? How can I display the snapshot chain for ROOT-NUM? Any answers will be appreciated. Thank you for your help. Regards, F.
Re: Error: The snapshot chain is too long -> lot's of left over LVM snapshots?
Looking at the manual it seems to me that: 1. Cloudstack creates lvm copy of the disk. 2. Copies the content of this created "snapshot" to secondary storage 3. Removes the lvm snapshot, while leaving the copy intact on the secondary storage. Therefor no LVM snapshots should be visible in XenCenter, if no current snapshot operation is in progress. Is this assumption correct? Because the before mentioned VM has 28 LVM "snapshots", it fails to create a new one, from which it could copy the data. My question is this.*Can i safely remove all LVM snapshots directly from XenCenter?* If i understand this correctly, they should have not been there and might be a result of failed secondary storage, where CS could not copy from the LVM snapshot, but didn't remove it after failed copy operation? This seems to me like a bug, even thou it's caused by failed secondary NFS storage, which has been since replaced. Please advise. On 5/2/14 1:54 PM, France wrote: Hi, i'm using CS 4.1.1 on XS6.0.2 + Hotfixes up to XS602E026. Recently one of our volumes will not get new snapshots created, because of this error: WARN [xen.resource.CitrixResourceBase] (DirectAgent-278:) ManageSnapshotCommand operation: create Failed for snapshotId: 478, reason: SR_BACKEND_FAILURE_109The snapshot chain is too long SR_BACKEND_FAILURE_109The snapshot chain is too long If I check in XenCenter, there are around 30 disks like VM_ROOT-NUM_20140121020342. If i check cloudstack GUI there are only 8 snapshots visible. There are also two errors listed, which i would like to remove. How can i reduce the snapshot chain? Why didn't the old snapshots in the chain get removed? Who's job it is to remove those, Cloudstacks or XenServers? How can I display the snapshot chain for ROOT-NUM? Any answers will be appreciated. Thank you for your help. Regards, F.
BUG report: Excessive use of LVM snapshots on XenServer, that leads to snapshot failure and unnecessary disk usage.
Hi guys, is there a chance that someone looks at my bug report, to check if it does make sense? https://issues.apache.org/jira/browse/CLOUDSTACK-6060 I've also noticed that my older bug reports form half a year ago, have had no status update. Is this normal and expected? Is it possible that they get overlooked? Regards, F.
Re: BUG report: Excessive use of LVM snapshots on XenServer, that leads to snapshot failure and unnecessary disk usage.
Thank you for your answer Daan. How can one attract interest of developers? One would think, that non-working basic functionality (eg. snapshots), should be an interesting topic for all developers. As would also be unnecessary killing of VMs like in my bug from: 4.Jul.2013: https://issues.apache.org/jira/browse/CLOUDSTACK-3367 Or disabling open recursive DNS resolvers: https://issues.apache.org/jira/browse/CLOUDSTACK-4675 etc.. Hopefully someone will read this mail and take some actions. I'm sure i would contribute code, if i knew java. :-) So i contribute the only whey i can, which is testing. Regards, F. On 10/2/14 9:52 AM, Daan Hoogland wrote: France, Most work is done by volunteers. You'll have to get someone interested in your bug reports to make sure it is handled. Some of us sweep through older tickets once in a while but there is no rule or process to make sure of that. We can always use more volunteers;) regards, Daan On Fri, Feb 7, 2014 at 6:20 PM, France wrote: Hi guys, is there a chance that someone looks at my bug report, to check if it does make sense? https://issues.apache.org/jira/browse/CLOUDSTACK-6060 I've also noticed that my older bug reports form half a year ago, have had no status update. Is this normal and expected? Is it possible that they get overlooked? Regards, F.
Re: ALARM - ACS reboots host servers!!!
I believe this is a bug too, because VMs not running on the storage, get destroyed too: Issue has been around for a long time, like with all others I reported. They do not get fixed: https://issues.apache.org/jira/browse/CLOUDSTACK-3367 We even lost assignee today. Regards, F. On 3/3/14 6:55 AM, Koushik Das wrote: The primary storage needs to be put in maintenance before doing any upgrade/reboot as mentioned in the previous mails. -Koushik On 03-Mar-2014, at 6:07 AM, Marcus wrote: Also, please note that in the bug you referenced it doesn't have a problem with the reboot being triggered, but with the fact that reboot never completes due to hanging NFS mount (which is why the reboot occurs, inaccessible primary storage). On Sun, Mar 2, 2014 at 5:26 PM, Marcus wrote: Or do you mean you have multiple primary storages and this one was not in use and put into maintenance? On Sun, Mar 2, 2014 at 5:25 PM, Marcus wrote: I'm not sure I understand. How do you expect to reboot your primary storage while vms are running? It sounds like the host is being fenced since it cannot contact the resources it depends on. On Sun, Mar 2, 2014 at 3:24 PM, Nux! wrote: On 02.03.2014 21:17, Andrei Mikhailovsky wrote: Hello guys, I've recently came across the bug CLOUDSTACK-5429 which has rebooted all of my host servers without properly shutting down the guest vms. I've simply upgraded and rebooted one of the nfs primary storage servers and a few minutes later, to my horror, i've found out that all of my host servers have been rebooted. Is it just me thinking so, or is this bug should be fixed ASAP and should be a blocker for any new ACS release. I mean not only does it cause downtime, but also possible data loss and server corruption. Hi Andrei, Do you have HA enabled and did you put that primary storage in maintenance mode before rebooting it? It's my understanding that ACS relies on the shared storage to perform HA so if the storage goes it's expected to go berserk. I've noticed similar behaviour in Xenserver pools without ACS. I'd imagine a "cure" for this would be to use network distributed "filesystems" like GlusterFS or CEPH. Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro
Re: ALARM - ACS reboots host servers!!!
Hi Marcus and others. There is no need to kill of the entire hypervisor, if one of the primary storages fail. You just need to kill the VMs and probably disable SR on XenServer, because all other SRs and VMs have no problems. if you kill those, then you can safely start them elsewhere. On XenServer 6.2 you call destroy the VMs which lost access to NFS without any problems. If you really want to still kill the entire host and it's VMs in one go, I would suggest live migrating the VMs which have had not lost their storage off first, and then kill those VMs on a stale NFS by doing hard reboot. Additional time, while migrating working VMs, would even give some grace time for NFS to maybe recover. :-) Hard reboot to recover from D state of NFS client can also be avoided by using soft mount options. I run a bunch of Pacemaker/Corosync/Cman/Heartbeat/etc clusters and we don't just kill whole nodes but fence services from specific nodes. STONITH is implemented only when the node looses the quorum. Regards, F. On 3/3/14 5:35 PM, Marcus wrote: It's the standard clustering problem. Any software that does any sort of avtive clustering is going to fence nodes that have problems, or should if it cares about your data. If the risk of losing a host due to a storage pool outage is too great, you could perhaps look at rearranging your pool-to-host correlations (certain hosts run vms from certain pools) via clusters. Note that if you register a storage pool with a cluster, it will register the pool with libvirt when the pool is not in maintenance, which, when the storage pool goes down will cause problems for the host even if no VMs from that storage are running (fetching storage stats for example will cause agent threads to hang if its NFS), so you'd need to put ceph in its own cluster and NFS in its own cluster. It's far more dangerous to leave a host in an unknown/bad state. If a host loses contact with one of your storage nodes, with HA, cloudstack will want to start the affected VMs elsewhere. If it does so, and your original host wakes up from it's NFS hang, you suddenly have a VM running in two locations, corruption ensues. You might think we could just stop the affected VMs, but NFS tends to make things that touch it go into D state, even with 'intr' and other parameters, which affects libvirt and the agent. We could perhaps open a feature request to disable all HA and just leave things as-is, disallowing operations when there are outages. If that sounds useful you can create the feature request on https://issues.apache.org/jira. On Mon, Mar 3, 2014 at 5:37 AM, Andrei Mikhailovsky wrote: Koushik, I understand that and I will put the storage into the maintenance mode next time. However, things happen and servers crash from time to time, which is not the reason to reboot all host servers, even those which do not have any running vms with volumes on the nfs storage. The bloody agent just rebooted every single host server regardless if they were running vms with volumes on the rebooted nfs server. 95% of my vms are running from ceph and those should have never been effected in the first place. - Original Message - From: "Koushik Das" To: "" Cc: dev@cloudstack.apache.org Sent: Monday, 3 March, 2014 5:55:34 AM Subject: Re: ALARM - ACS reboots host servers!!! The primary storage needs to be put in maintenance before doing any upgrade/reboot as mentioned in the previous mails. -Koushik On 03-Mar-2014, at 6:07 AM, Marcus wrote: Also, please note that in the bug you referenced it doesn't have a problem with the reboot being triggered, but with the fact that reboot never completes due to hanging NFS mount (which is why the reboot occurs, inaccessible primary storage). On Sun, Mar 2, 2014 at 5:26 PM, Marcus wrote: Or do you mean you have multiple primary storages and this one was not in use and put into maintenance? On Sun, Mar 2, 2014 at 5:25 PM, Marcus wrote: I'm not sure I understand. How do you expect to reboot your primary storage while vms are running? It sounds like the host is being fenced since it cannot contact the resources it depends on. On Sun, Mar 2, 2014 at 3:24 PM, Nux! wrote: On 02.03.2014 21:17, Andrei Mikhailovsky wrote: Hello guys, I've recently came across the bug CLOUDSTACK-5429 which has rebooted all of my host servers without properly shutting down the guest vms. I've simply upgraded and rebooted one of the nfs primary storage servers and a few minutes later, to my horror, i've found out that all of my host servers have been rebooted. Is it just me thinking so, or is this bug should be fixed ASAP and should be a blocker for any new ACS release. I mean not only does it cause downtime, but also possible data loss and server corruption. Hi Andrei, Do you have HA enabled and did you put that primary storage in maintenance mode before rebooting it? It's my understanding that ACS relies on the shared storage to perform HA so if the storage goes
Re: ALARM - ACS reboots host servers!!!
On Mar 4, 2014, at 3:38 PM, Marcus wrote: > On Tue, Mar 4, 2014 at 3:34 AM, France wrote: >> Hi Marcus and others. >> >> There is no need to kill of the entire hypervisor, if one of the primary >> storages fail. >> You just need to kill the VMs and probably disable SR on XenServer, because >> all other SRs and VMs have no problems. >> if you kill those, then you can safely start them elsewhere. On XenServer >> 6.2 you call destroy the VMs which lost access to NFS without any problems. > > That's a great idea, but as already mentioned, it doesn't work in > practice. You can't kill a VM that is hanging in D state, waiting on > storage. I also mentioned that it causes problems for libvirt and much > of the other system not using the storage. You can on XS 6.2 as tried in in real life and reported by others as well. > >> >> If you really want to still kill the entire host and it's VMs in one go, I >> would suggest live migrating the VMs which have had not lost their storage >> off first, and then kill those VMs on a stale NFS by doing hard reboot. >> Additional time, while migrating working VMs, would even give some grace >> time for NFS to maybe recover. :-) > > You won't be able to live migrate a VM that is stuck in D state, or > use libvirt to do so if one of its storage pools is unresponsive, > anyway. > I dont want to live migrate VMs in D state, just the working VMs. Those stuck can die with hypervisor reboot. >> >> Hard reboot to recover from D state of NFS client can also be avoided by >> using soft mount options. > > As mentioned, soft and intr very rarely actually work, in my > experience. I wish they did as I truly have come to loathe NFS for it. > >> >> I run a bunch of Pacemaker/Corosync/Cman/Heartbeat/etc clusters and we don't >> just kill whole nodes but fence services from specific nodes. STONITH is >> implemented only when the node looses the quorum. > > Sure, but how do you fence a KVM host from an NFS server? I don't > think we've written a firewall plugin that works to fence hosts from > any NFS server. Regardless, what CloudStack does is more of a poor > man's clustering, the mgmt server is the locking in the sense that it > is managing what's going on, but it's not a real clustering service. > Heck, it doesn't even STONITH, it tries to clean shutdown, which fails > as well due to hanging NFS (per the mentioned bug, to fix it they'll > need IPMI fencing or something like that). In my case as well as in the case of OP, the hypervisor got rebooted successfully. > > I didn't write the code, I'm just saying that I can completely > understand why it kills nodes when it deems that their storage has > gone belly-up. It's dangerous to leave that D state VM hanging around, > and it will until the NFS storage comes back. In a perfect world you'd > just stop the VMs that were having the issue, or if there were no VMs > you'd just de-register the storage from libvirt, I agree. As previously stated on XS 6.2 you can "destroy" VMs with unaccessible NFS storage. I do not remember if processes were in the D state or whatever, cause i used the GUI, if i remember correctly. I am sure, you can test it yourself too. > >> >> Regards, >> F. >> >> >> On 3/3/14 5:35 PM, Marcus wrote: >>> >>> It's the standard clustering problem. Any software that does any sort >>> of avtive clustering is going to fence nodes that have problems, or >>> should if it cares about your data. If the risk of losing a host due >>> to a storage pool outage is too great, you could perhaps look at >>> rearranging your pool-to-host correlations (certain hosts run vms from >>> certain pools) via clusters. Note that if you register a storage pool >>> with a cluster, it will register the pool with libvirt when the pool >>> is not in maintenance, which, when the storage pool goes down will >>> cause problems for the host even if no VMs from that storage are >>> running (fetching storage stats for example will cause agent threads >>> to hang if its NFS), so you'd need to put ceph in its own cluster and >>> NFS in its own cluster. >>> >>> It's far more dangerous to leave a host in an unknown/bad state. If a >>> host loses contact with one of your storage nodes, with HA, cloudstack >>> will want to start the affected VMs elsewhere. If it does so, and your >>> original host wakes up from it's NFS hang, you suddenly have a VM >>> running in two locations, corruption ens
Re: [DISCUSS] realhostip.com going away
Hi all. Are we going to have a solution for older versions like 4.1.1? I think we can already change that domain to something different currently in settings. Hopefully it's not "hardcoded" anywhere else. Is it? I think it's the right thing to move away from such solution in future versions, but just killing the service with 4 months notice, is not a way to go about in enterprise world. How expensive can it be to keep providing it? If someone needs to take over realhostip.com, we can offer our datacenter resources too. Regards, F.
Re: [DISCUSS] realhostip.com going away
Please let us know, what was the Citrixes response to community run realhostip.com service.
Re: ALARM - ACS reboots host servers!!!
I'm also interested in this issue. Can any1 from developers confirm this is expected behavior? On 2/4/14 2:32 PM, Andrei Mikhailovsky wrote: Coming back to this issue. This time to perform the maintenance of the nfs primary storage I've plated the storage in question in the Maintenance mode. After about 20 minutes ACS showed the nfs storage is in Maintenance. However, none of the virtual machines with volumes on that storage were stopped. I've manually stopped the virtual machines and went to upgrade and restart the nfs server. A few minutes after the nfs server shutdown all of my host servers went into reboot killing all vms! Thus, it seems that putting nfs server in Maintenance mode does not stop ACS agent from restarting the host servers. Does anyone know a way to stop this behaviour? Thanks Andrei - Original Message - From: "France" To: us...@cloudstack.apache.org Cc: dev@cloudstack.apache.org Sent: Monday, 3 March, 2014 9:49:28 AM Subject: Re: ALARM - ACS reboots host servers!!! I believe this is a bug too, because VMs not running on the storage, get destroyed too: Issue has been around for a long time, like with all others I reported. They do not get fixed: https://issues.apache.org/jira/browse/CLOUDSTACK-3367 We even lost assignee today. Regards, F. On 3/3/14 6:55 AM, Koushik Das wrote: The primary storage needs to be put in maintenance before doing any upgrade/reboot as mentioned in the previous mails. -Koushik On 03-Mar-2014, at 6:07 AM, Marcus wrote: Also, please note that in the bug you referenced it doesn't have a problem with the reboot being triggered, but with the fact that reboot never completes due to hanging NFS mount (which is why the reboot occurs, inaccessible primary storage). On Sun, Mar 2, 2014 at 5:26 PM, Marcus wrote: Or do you mean you have multiple primary storages and this one was not in use and put into maintenance? On Sun, Mar 2, 2014 at 5:25 PM, Marcus wrote: I'm not sure I understand. How do you expect to reboot your primary storage while vms are running? It sounds like the host is being fenced since it cannot contact the resources it depends on. On Sun, Mar 2, 2014 at 3:24 PM, Nux! wrote: On 02.03.2014 21:17, Andrei Mikhailovsky wrote: Hello guys, I've recently came across the bug CLOUDSTACK-5429 which has rebooted all of my host servers without properly shutting down the guest vms. I've simply upgraded and rebooted one of the nfs primary storage servers and a few minutes later, to my horror, i've found out that all of my host servers have been rebooted. Is it just me thinking so, or is this bug should be fixed ASAP and should be a blocker for any new ACS release. I mean not only does it cause downtime, but also possible data loss and server corruption. Hi Andrei, Do you have HA enabled and did you put that primary storage in maintenance mode before rebooting it? It's my understanding that ACS relies on the shared storage to perform HA so if the storage goes it's expected to go berserk. I've noticed similar behaviour in Xenserver pools without ACS. I'd imagine a "cure" for this would be to use network distributed "filesystems" like GlusterFS or CEPH. Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro
Re: ALARM - ACS reboots host servers!!!
Andrei, is your hypervisor KVM? I'm using XenServer.
Re: ALARM - ACS reboots host servers!!!
I think this problem might only exist on KVM. Can any1 with primary NFS test it on XenServer? On 3/4/14 9:48 PM, Andrei Mikhailovsky wrote: +1 - Original Message - From: "Alex Huang" To: dev@cloudstack.apache.org Sent: Thursday, 3 April, 2014 6:47:22 PM Subject: RE: ALARM - ACS reboots host servers!!! This is a severe bug if that's the case. It's supposed to stop the heartbeat script when a primary storage is placed in maintenance. --Alex -Original Message- From: France [mailto:mailingli...@isg.si] Sent: Thursday, April 3, 2014 1:06 AM To: dev@cloudstack.apache.org Subject: Re: ALARM - ACS reboots host servers!!! I'm also interested in this issue. Can any1 from developers confirm this is expected behavior? On 2/4/14 2:32 PM, Andrei Mikhailovsky wrote: Coming back to this issue. This time to perform the maintenance of the nfs primary storage I've plated the storage in question in the Maintenance mode. After about 20 minutes ACS showed the nfs storage is in Maintenance. However, none of the virtual machines with volumes on that storage were stopped. I've manually stopped the virtual machines and went to upgrade and restart the nfs server. A few minutes after the nfs server shutdown all of my host servers went into reboot killing all vms! Thus, it seems that putting nfs server in Maintenance mode does not stop ACS agent from restarting the host servers. Does anyone know a way to stop this behaviour? Thanks Andrei - Original Message - From: "France" To: us...@cloudstack.apache.org Cc: dev@cloudstack.apache.org Sent: Monday, 3 March, 2014 9:49:28 AM Subject: Re: ALARM - ACS reboots host servers!!! I believe this is a bug too, because VMs not running on the storage, get destroyed too: Issue has been around for a long time, like with all others I reported. They do not get fixed: https://issues.apache.org/jira/browse/CLOUDSTACK-3367 We even lost assignee today. Regards, F. On 3/3/14 6:55 AM, Koushik Das wrote: The primary storage needs to be put in maintenance before doing any upgrade/reboot as mentioned in the previous mails. -Koushik On 03-Mar-2014, at 6:07 AM, Marcus wrote: Also, please note that in the bug you referenced it doesn't have a problem with the reboot being triggered, but with the fact that reboot never completes due to hanging NFS mount (which is why the reboot occurs, inaccessible primary storage). On Sun, Mar 2, 2014 at 5:26 PM, Marcus wrote: Or do you mean you have multiple primary storages and this one was not in use and put into maintenance? On Sun, Mar 2, 2014 at 5:25 PM, Marcus wrote: I'm not sure I understand. How do you expect to reboot your primary storage while vms are running? It sounds like the host is being fenced since it cannot contact the resources it depends on. On Sun, Mar 2, 2014 at 3:24 PM, Nux! wrote: On 02.03.2014 21:17, Andrei Mikhailovsky wrote: Hello guys, I've recently came across the bug CLOUDSTACK-5429 which has rebooted all of my host servers without properly shutting down the guest vms. I've simply upgraded and rebooted one of the nfs primary storage servers and a few minutes later, to my horror, i've found out that all of my host servers have been rebooted. Is it just me thinking so, or is this bug should be fixed ASAP and should be a blocker for any new ACS release. I mean not only does it cause downtime, but also possible data loss and server corruption. Hi Andrei, Do you have HA enabled and did you put that primary storage in maintenance mode before rebooting it? It's my understanding that ACS relies on the shared storage to perform HA so if the storage goes it's expected to go berserk. I've noticed similar behaviour in Xenserver pools without ACS. I'd imagine a "cure" for this would be to use network distributed "filesystems" like GlusterFS or CEPH. Lucian -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro
Re: Failed to delete network
Finally have had some time and found this in management.log: -04-23 09:56:17,590 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-117:job-1430) Schedule queued job-1430 2014-04-23 09:56:17,593 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-118:job-1430) Executing org.apache.cloudstack.api.command.user.network.DeleteNetworkCmd for job-1430 2014-04-23 09:56:17,594 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-117:job-1430) There is a pending process in sync queue(id: 53) *2014-04-23 09:56:17,623 DEBUG [cloud.network.NetworkManagerImpl] (Job-Executor-118:job-1430) Unable to remove the network id=211 as it has active Nics.* 2014-04-23 09:56:17,629 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-118:job-1430) Complete async job-1430, jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: Failed to delete network 2014-04-23 09:56:17,639 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-118:job-1430) Sync queue (53) is currently empty I have found this online: http://support.citrix.com/article/CTX138230 > UPDATE op_networks SET nics_count=0 WHERE id=(SELECT id from networks WHERE uuid='#'); Note: Replace # with the ID of the network from CloudPlatform. Should i do it like suggested by Citrix? Will it hurt my 4.1.1 install? Tnx. On 25/10/13 11:02 AM, Daan Hoogland wrote: Not sure if I can help but I wonder, is the attempt in the api log? Daan On Mon, Oct 14, 2013 at 4:06 PM, France wrote: I'm on CS 4.1.1 with XS 6.0.2+most hotfixes. I have problems deleting a specific network. Not even Admin can delete it. I tried destroying virtual router by hand, but network still can not be deleted. Restarting (with cleanup) didn't help either. Removing all firewall igress/egress rules didn't help either. It was created while we were still on CS 3.*. There is also no destroyed or live VM associated with the user account for this network. Catalina.out doesn't log anything, not even an attempt to delete it, while management-server.log has lots of entries, but none related to my Deleting action. I've run out of ideas what else to try, to be able to delete the network. Please help me. If additional info is required, i'm willing to provide it, just ask. Thx for help. F.
Fwd: Re: Upgrade from 4.1.1 + XS 6.0.2 to 4.3 + XS 6.2
Is upgrade from 4.1.1 + XS 6.0.2 to 4.3 + XS 6.2 officially supported / possible? Original Message Subject:Re: Upgrade from 4.1.1 + XS 6.0.2 to 4.3 + XS 6.2 Date: Tue, 29 Apr 2014 10:31:56 +0200 From: France Reply-To: us...@cloudstack.apache.org To: us...@cloudstack.apache.org Tnx Samir for info, but you have had 6.1 while we have 6.0.2+Hotfixes. We are still looking for official response. Might have to escalate this to development mailing list (after hollidays) :-) On 29/4/14 10:09 AM, Amin Samir wrote: It works for us on a lab environment, Original environment is: CentOs 6.5 (Management server) Cloud Stack 4.2.1 Xen Server 6.1 latest patches Target environment CentOs 6.5 (Management Server) Cloud Stack 4.3 Xen Server 6.2 Then upgraded to sp1 Then applied 1002, 1003, 1004 patches. We will be upgrading our production environment within one month would keep you posted if that helps. Kind Regards Amin -Original Message- From: France [mailto:mailingli...@isg.si] Sent: Tuesday, 29 April 2014 4:00 PM To: us...@cloudstack.apache.org Subject: Re: Upgrade from 4.1.1 + XS 6.0.2 to 4.3 + XS 6.2 +1 from me, exactly the same situation. On 23/4/14 7:35 PM, Carlos Reategui wrote: Hi All, I would like to upgrade to Cloudstack 4.3 and also upgrade my XenServers to 6.2. I believe I've seen some comments about XS 6.2 only supported in a clean 4.3 install and not an upgrade. I am not able to find mention of this in the documentation. Any suggestions for how to go about this? thanks Carlos
Re: 4.3.1
Do we already have RPMs built for 4.3.1? On 16 Sep 2014, at 13:41, Sebastien Goasguen wrote: > Hi folks, > > now that 4.3.1 has passed, the source has been put on the dist servers. > I added the release to the list of "archived" releases: > > http://cloudstack.apache.org/archives.html > > But what do we do about the frontpage which announces 4.4.0 ? > http://cloudstack.apache.org/downloads.html > > and what about the frontage: > http://cloudstack.apache.org/index.html > > I can add the 4.3.1 below the 4.4.0 announcement with a download link to the > archive. > > thoughts ? > > -Sebastien
Re: 4.3.1
Can I kindly ask for the link for documentation for 4.3.1. It is not easy to find it from http://cloudstack.apache.org . All i can find is for 4.4. Thank you. Regards. F. On 16 Sep 2014, at 14:15, Wido den Hollander wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 09/16/2014 02:10 PM, France wrote: >> Do we already have RPMs built for 4.3.1? >> > > Yes, they are online at: http://cloudstack.apt-get.eu/rhel/4.3/ > >> On 16 Sep 2014, at 13:41, Sebastien Goasguen >> wrote: >> >>> Hi folks, >>> >>> now that 4.3.1 has passed, the source has been put on the dist >>> servers. I added the release to the list of "archived" releases: >>> >>> http://cloudstack.apache.org/archives.html >>> >>> But what do we do about the frontpage which announces 4.4.0 ? >>> http://cloudstack.apache.org/downloads.html >>> >>> and what about the frontage: >>> http://cloudstack.apache.org/index.html >>> >>> I can add the 4.3.1 below the 4.4.0 announcement with a download >>> link to the archive. >>> >>> thoughts ? >>> >>> -Sebastien >> > > -BEGIN PGP SIGNATURE- > Version: GnuPG v1 > > iQIcBAEBAgAGBQJUGCnQAAoJEAGbWC3bPspCc7IP/3oQwDoyUf7W3NrCX3Djs70r > zLRRAET5GOpWTzM6aEajnd+/6BCCv/OYwI/cxh9LXAJjblcm2nWMqDJFriAZVq+v > 1gQcv5ZSKGVGoljOwrlpAbg+prGUmjKXoPIesExqAtJGAYHFoyeuWPUqDu26gT+S > bjQRHk1FMnJ5Y03OgS/g5gINuW1KXZVt8TX480/yeFYrPdZ7a8j1aPJE0FcrR5mE > ScTr4lj9t7Qsrqla4xlqCS7KFmEpVyLNfuxXHfxT73nOv3OhvgQekBJ4DWoqVoNG > e3RKUdwzCy53aJJC5E0VDeAYTzYxJfR6GiVNj1nFYDTOBANCvdzcoc3HeGChF1Pt > bm8Uw9cQ6DC7twBvIpSyM+YGHvavu3r32B+XRhhXMMOeu3FuIjqf61qMZ2SOvWG5 > jk64NwPYBFy0vtPNEBU0VCgZwq/luSBN17NJh3EllPLIP7RcO8mYEaracyYs+9zb > DBcTUzN483+7A7mEYuU66eSpVQNwaTptdMP61uuo0MWDcjShAvPnX29p0CWHJsRJ > wa0QsaQy5jit9feVv2EK99KxSBz5FL2AKT1VoFX7z7L2hX++ZfCfgZS3JfboJPxm > LlknHDcNBhmC9LUFsXs2aXhsbbo3eSPLKOlVLaxSYkJMRw/ArTIDmQ0qL8Fg6fqM > 3cHybltpe8m46Ew42G6i > =exZy > -END PGP SIGNATURE-
FTP connection tracking modules missing in VR after upgrade to 4.3.1; Which release will contain the fix?
Hi guys, i have upgraded from 4.1.1 to 4.3.1 over the weekend. Amongst other regressions i have found this one: https://issues.apache.org/jira/browse/CLOUDSTACK-7517 So it looks like it is already well known bug and already has a fix. What can _we_ do to get the fix for 4.3 releases on our production system? Is anyone willing to build a RPM including this fix? I see it was fixed only in 4.5. Taking into account what a small fix it is and how important it is, maybe include it in 4.4.1 release also, because it is still not released? Also why not add it along with other fixes to 4.3 and release 4.3.2? In my personal opinion, ACS has way too few bugfix releases, and lot’s of people have to build their own packages because of that. Regards, F.
console proxy HTTPS in 4.3.1, static option, clarification please
Hi, because i get confusing information on the internet, i would like to ask here for clarification. There are three options for consoleproxy.url.domain configure setting. 1. Disable it with empty string. Not really an option, because iframe to http from https, is silently blocked by browsers now-days. If there would be a link to click instead of iframe it could work and i would be done with it. 2. *.somedomain.xxx Wildcard option. Requires to run own DNS server and buying of expensive certificates. Not really an option, due to too high costs of wildcard and setting up of another unnecessary service. 3. secure.somedomain.xxx Static option which would allow us to use a single FQDN certificate. This is acceptable for us, but upon testing with 4.3.1 (restart of ACS, destruction of console proxy SVM) did not link to secure.somedomain.xxx. Before i loose any more time with thir doption. Does it work with 3.4.1? According to documentation for 4.3 on: http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/4.3/search.html?q=consoleproxy.url.domain&check_keywords=yes&area=default in: Working with System Virtual Machines Console Proxy Load-balancing Console Proxies An alternative to using dynamic DNS or creating a range of DNS entries as described in the last section would be to create a SSL certificate for a specific domain name, configure CloudStack to use that particular FQDN, and then configure a load balancer to load balance the console proxy’s IP address behind the FQDN. As the functionality for this is still new, please seehttps://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes for more details. Regards, F
Re: console proxy HTTPS in 4.3.1, static option, clarification please
Thank you for your answer. On 22 Sep 2014, at 18:58, Amogh Vasekar wrote: > Hi, > > No, option (3) is not fully supported yet since it needs integration with > a load balancer for all console proxy VM ips. Please see the note at > https://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes# > RealhostIPchanges-ConsoleProxy.1 > > Amogh > > On 9/22/14 4:47 AM, "France" wrote: > >> Hi, >> >> because i get confusing information on the internet, i would like to ask >> here for clarification. >> >> There are three options for >> consoleproxy.url.domain >> configure setting. >> >> 1. Disable it with empty string. >> Not really an option, because iframe to http from https, is silently >> blocked by browsers now-days. If there would be a link to click instead >> of iframe it could work and i would be done with it. >> >> 2. *.somedomain.xxx >> Wildcard option. Requires to run own DNS server and buying of expensive >> certificates. Not really an option, due to too high costs of wildcard and >> setting up of another unnecessary service. >> >> 3. secure.somedomain.xxx >> Static option which would allow us to use a single FQDN certificate. This >> is acceptable for us, but upon testing with 4.3.1 (restart of ACS, >> destruction of console proxy SVM) did not link to secure.somedomain.xxx. >> >> Before i loose any more time with thir doption. Does it work with 3.4.1? >> >> >> According to documentation for 4.3 on: >> http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/4. >> 3/search.html?q=consoleproxy.url.domain&check_keywords=yes&area=default >> in: >> Working with System Virtual Machines >> Console Proxy >> >> Load-balancing Console Proxies >> >> An alternative to using dynamic DNS or creating a range of DNS entries as >> described in the last section would be to create a SSL certificate for a >> specific domain name, configure CloudStack to use that particular FQDN, >> and then configure a load balancer to load balance the console proxy¹s IP >> address behind the FQDN. As the functionality for this is still new, >> please >> seehttps://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+chan >> ges for more details. >> >> >> Regards, >> F
Re: FTP connection tracking modules missing in VR after upgrade to 4.3.1; Which release will contain the fix?
Thank you for your efforts Rohit Yadav. So i just download the files from: http://jenkins.buildacloud.org/view/4.3/job/cloudstack-4.3-package-rpm/ install them by hand, reboot the management server, destroy the routers and wait for them to be recreated? What other commits are there in this shapshot? Is it dangerous to use this snapshot build? Can other bugs be introduced? Do you know maybe when official 4.3.2 will be released? Regards, F. On 23 Sep 2014, at 13:33, Rohit Yadav wrote: > Hi France, > > On 22-Sep-2014, at 1:09 pm, France wrote: >> Hi guys, >> >> i have upgraded from 4.1.1 to 4.3.1 over the weekend. Amongst other >> regressions i have found this one: >> >> https://issues.apache.org/jira/browse/CLOUDSTACK-7517 >> >> So it looks like it is already well known bug and already has a fix. >> >> What can _we_ do to get the fix for 4.3 releases on our production system? > > I’ve cherry-picked it to 4.3 branch, you may build from source to get this > fix. Or, use the rpms from jenkins build. > >> Is anyone willing to build a RPM including this fix? >> I see it was fixed only in 4.5. Taking into account what a small fix it is >> and how important it is, maybe include it in 4.4.1 release also, because it >> is still not released? >> Also why not add it along with other fixes to 4.3 and release 4.3.2? >> In my personal opinion, ACS has way too few bugfix releases, and lot’s of >> people have to build their own packages because of that. > > RPMs and DEB from latest 4.3 branch will be made available by Jenkins here: > http://jenkins.buildacloud.org/view/4.3 > > Regards, > Rohit Yadav > Software Architect, ShapeBlue > M. +41 779015219 | rohit.ya...@shapeblue.com > Blog: bhaisaab.org | Twitter: @_bhaisaab > http://shapeblue.com/cloudstack-software-engineering > > > > Find out more about ShapeBlue and our range of CloudStack related services > > IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//> > CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/> > CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> > CloudStack Infrastructure > Support<http://shapeblue.com/cloudstack-infrastructure-support/> > CloudStack Bootcamp Training > Courses<http://shapeblue.com/cloudstack-training/> > > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based upon > its contents, nor copy or show it to anyone. Please contact the sender if you > believe you have received this email in error. Shape Blue Ltd is a company > incorporated in England & Wales. ShapeBlue Services India LLP is a company > incorporated in India and is operated under license from Shape Blue Ltd. > Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is > operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company > registered by The Republic of South Africa and is traded under license from > Shape Blue Ltd. ShapeBlue is a registered trademark.
Urgent. Importing certificate to CS 4.3.1 using GUI
Hi guys, i want to migrate away from realhostip.com. I have set up DNS service in no time, but am having problems importing certificates to ACS 3.4.1. I created my own CA like this: cd /etc/pki/CA touch index.txt echo 1000 > serial openssl genrsa -aes256 -out /etc/pki/CA/private/ca.key.pem 4096 chmod 400 /etc/pki/CA/private/ca.key.pem nano -w /etc/pki/tls/openssl.cnf openssl req -new -x509 -days 63650 -key /etc/pki/CA/private/ca.key.pem -sha256 -extensions v3_ca -out /etc/pki/CA/certs/ca.cert.pem Signed my own keys and converted them to pkcs8 format like this: cd /etc/pki/CA openssl genrsa -out private/vse.somedomain.tld.key.pem 4096 chmod 400 private/vse.somedomain.tld.key.pem openssl req -sha256 -new -key private/vse.somedomain.tld.key.pem -out certs/vse.somedomain.tld.csr.pem openssl ca -keyfile private/ca.key.pem -cert certs/ca.cert.pem -extensions usr_cert -notext -md sha256 -days 63649 -in certs/vse.somedomain.tld.csr.pem -out certs/vse.somedomain.tld.cert.pem openssl pkcs8 -topk8 -in private/vse.somedomain.tld.key.pem -out private/vse.somedomain.tld.key.encrypted.pkcs8 openssl pkcs8 -in private/vse.somedomain.tld.key.encrypted.pkcs8 -out private/vse.somedomain.tld.key.pkcs8 chmod 400 private/vse.somedomain.tld.key.encrypted.pkcs8 chmod 400 private/vse.somedomain.tld.key.pkcs8 But when trying to import it via GUI: infrastructure -> SSL Certificate: Certificate from vse.somedomain.tld.cert.pem PKCS8 from private/vse.somedomain.tld.key.pkcs8 DNS domain suffix to: *.somedomain.tld But it fails with: "Failed to update SSL Certificate." Please help me upload the new certificate. Catalina.out shows no error. I have no idea what else to check. Thank you. F.
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
Tnx Amogh, i have checked management-server.log and no new entries or errors regarding certificate operation are written at the time when i get "Failed to update SSL Certificate." error message. I tried it a couple of times. I also used somedomain.tld in the GUI. Certificate is for *.somedomain.tld. I will go thru whole create CA and certificate process again and retry. There must be some simple mistake in my process somewhere. Lack of errors in logs, is also strange. :-/ Regards, F. On 24 Sep 2014, at 21:10, Amogh Vasekar wrote: > Hi, > > Couple of things : > > 1. The error will be logged to the cloudstack management server log file > (management-server.log) and would really help to know what it is. > 2. While uploading the certificate, the domain_suffix should be > somedomain.tld and not *.somedomain.tld (the asterisk is only for global > config so that cloudstack can distinguish between HTTP and HTTPS modes) > > Thanks > Amogh > > On 9/24/14 7:40 AM, "France" wrote: > >> Hi guys, >> >> i want to migrate away from realhostip.com. I have set up DNS service in >> no time, but am having problems importing certificates to ACS 3.4.1. >> >> I created my own CA like this: >> >> cd /etc/pki/CA >> touch index.txt >> echo 1000 > serial >> openssl genrsa -aes256 -out /etc/pki/CA/private/ca.key.pem 4096 >> chmod 400 /etc/pki/CA/private/ca.key.pem >> nano -w /etc/pki/tls/openssl.cnf >> openssl req -new -x509 -days 63650 -key /etc/pki/CA/private/ca.key.pem >> -sha256 -extensions v3_ca -out /etc/pki/CA/certs/ca.cert.pem >> >> >> Signed my own keys and converted them to pkcs8 format like this: >> >> cd /etc/pki/CA >> openssl genrsa -out private/vse.somedomain.tld.key.pem 4096 >> chmod 400 private/vse.somedomain.tld.key.pem >> openssl req -sha256 -new -key private/vse.somedomain.tld.key.pem -out >> certs/vse.somedomain.tld.csr.pem >> openssl ca -keyfile private/ca.key.pem -cert certs/ca.cert.pem >> -extensions usr_cert -notext -md sha256 -days 63649 -in >> certs/vse.somedomain.tld.csr.pem -out certs/vse.somedomain.tld.cert.pem >> openssl pkcs8 -topk8 -in private/vse.somedomain.tld.key.pem -out >> private/vse.somedomain.tld.key.encrypted.pkcs8 >> openssl pkcs8 -in private/vse.somedomain.tld.key.encrypted.pkcs8 -out >> private/vse.somedomain.tld.key.pkcs8 >> chmod 400 private/vse.somedomain.tld.key.encrypted.pkcs8 >> chmod 400 private/vse.somedomain.tld.key.pkcs8 >> >> >> >> But when trying to import it via GUI: infrastructure -> SSL Certificate: >> Certificate from vse.somedomain.tld.cert.pem >> PKCS8 from private/vse.somedomain.tld.key.pkcs8 >> DNS domain suffix to: *.somedomain.tld >> >> But it fails with: >> "Failed to update SSL Certificate." >> >> Please help me upload the new certificate. >> Catalina.out shows no error. I have no idea what else to check. >> >> Thank you. >> F. >> >> >
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
:9c:e3:fa:48:cb:93:40:8f:63:7b:69:2f:2a:22:4e: 0e:44:1b:52:3e:70:fb:65:43:be:a2:0a:04:5e:70:cf:d7:fe: d5:66:0a:19:81:d5:bf:54:ce:fd:25:cc:d8:f6:cc:be:e8:a9: e1:a9:38:ef:81:80:2e:61:52:fb:0a:0c:e5:21:e1:7a:c8:3f: 8e:6a:9a:ab:a6:72:81:54:43:08:65:b8:62:00:08:c8:c2:f6: 88:82:7e:fb:07:22:67:09:c0:1a:fb:d9:69:17:2a:d8:be:01: 7e:e5:ee:3d:1b:f1:bf:3f Tnx and regards, F. On 25 Sep 2014, at 13:48, France wrote: > Tnx Amogh, > > i have checked management-server.log and no new entries or errors regarding > certificate operation are written at the time when i get "Failed to update > SSL Certificate." error message. I tried it a couple of times. I also used > somedomain.tld in the GUI. Certificate is for *.somedomain.tld. > I will go thru whole create CA and certificate process again and retry. > There must be some simple mistake in my process somewhere. Lack of errors in > logs, is also strange. :-/ > > Regards, > F. > > On 24 Sep 2014, at 21:10, Amogh Vasekar wrote: > >> Hi, >> >> Couple of things : >> >> 1. The error will be logged to the cloudstack management server log file >> (management-server.log) and would really help to know what it is. >> 2. While uploading the certificate, the domain_suffix should be >> somedomain.tld and not *.somedomain.tld (the asterisk is only for global >> config so that cloudstack can distinguish between HTTP and HTTPS modes) >> >> Thanks >> Amogh >> >> On 9/24/14 7:40 AM, "France" wrote: >> >>> Hi guys, >>> >>> i want to migrate away from realhostip.com. I have set up DNS service in >>> no time, but am having problems importing certificates to ACS 3.4.1. >>> >>> I created my own CA like this: >>> >>> cd /etc/pki/CA >>> touch index.txt >>> echo 1000 > serial >>> openssl genrsa -aes256 -out /etc/pki/CA/private/ca.key.pem 4096 >>> chmod 400 /etc/pki/CA/private/ca.key.pem >>> nano -w /etc/pki/tls/openssl.cnf >>> openssl req -new -x509 -days 63650 -key /etc/pki/CA/private/ca.key.pem >>> -sha256 -extensions v3_ca -out /etc/pki/CA/certs/ca.cert.pem >>> >>> >>> Signed my own keys and converted them to pkcs8 format like this: >>> >>> cd /etc/pki/CA >>> openssl genrsa -out private/vse.somedomain.tld.key.pem 4096 >>> chmod 400 private/vse.somedomain.tld.key.pem >>> openssl req -sha256 -new -key private/vse.somedomain.tld.key.pem -out >>> certs/vse.somedomain.tld.csr.pem >>> openssl ca -keyfile private/ca.key.pem -cert certs/ca.cert.pem >>> -extensions usr_cert -notext -md sha256 -days 63649 -in >>> certs/vse.somedomain.tld.csr.pem -out certs/vse.somedomain.tld.cert.pem >>> openssl pkcs8 -topk8 -in private/vse.somedomain.tld.key.pem -out >>> private/vse.somedomain.tld.key.encrypted.pkcs8 >>> openssl pkcs8 -in private/vse.somedomain.tld.key.encrypted.pkcs8 -out >>> private/vse.somedomain.tld.key.pkcs8 >>> chmod 400 private/vse.somedomain.tld.key.encrypted.pkcs8 >>> chmod 400 private/vse.somedomain.tld.key.pkcs8 >>> >>> >>> >>> But when trying to import it via GUI: infrastructure -> SSL Certificate: >>> Certificate from vse.somedomain.tld.cert.pem >>> PKCS8 from private/vse.somedomain.tld.key.pkcs8 >>> DNS domain suffix to: *.somedomain.tld >>> >>> But it fails with: >>> "Failed to update SSL Certificate." >>> >>> Please help me upload the new certificate. >>> Catalina.out shows no error. I have no idea what else to check. >>> >>> Thank you. >>> F. >>> >>> >> >
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
There is a bug in ACS 4.3.1 GUI. The before mentioned process did not work with Firefox 32.0.2, while it worked on latest Chrome. Because the problem is on the browser side, it did not reach management server logs at all. I have done everything correct. Even a couple of times. ;-) Hopefully this mail will help someone in the future. I would also advise to update the documentation on the issue. Do you want me to open a bug report for this? I am a little reluctant to do so, because some of the bug reports i made previously just sit there for years to come. FYI also got contacted off the mailing list by Steve Roles from ShapeBlue who kindly offered to sell annual 24/7 support to help me sort this issue. Too bad they did not want to provide help/support for this one incident, which which they "have come across" already. They could get payed well for telling me to use another browser. :-) While i appreciate what ShapeBlue does for ACS, they could easily just have told us publicly on the mailing list to use a different browser. Many thanks to anyone else who actually tried to help on the issue. Realhostip.com migration is now officially complete. Regards, F. On 25 Sep 2014, at 14:54, France wrote: > I have created new key and csr. Signed it, converted key to pkcs8 format > without encryption and added in ACS GUI with *.domain.tld and again with > domain.tld. I did copy paste the crt and key with and without -BEGIN > CERTIFICATE—— tags. Nothing works. I have the same GUI error message as > before. Management-log shows no errors or even logs regarding certificate > manipulation. I have not created CA key and certs again. I have confirmed > certificate before importing to ACS using: openssl x509 -in > private/vse.somedomain.tls.crt -noout -text (result below). > > Maybe i could just insert new certs straight into the database, destroy > console proxy and see what happens. > Any more ideas? > > Also there is a bug in 4.3 documentation, because it says one must enter > *.domain.tld while you say, it should be just domain.tld > > “ > In the Update SSL Certificate screen of the CloudStack UI, paste the > following: > > • The certificate you’ve just generated. > • The private key you’ve just generated. > • The desired domain name, prefixed with *.; for example, > *.consoleproxy.company.com > “ > > > [root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout -text > Certificate: >Data: >Version: 3 (0x2) >Serial Number: 4097 (0x1001) >Signature Algorithm: sha256WithRSAEncryption >Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT > department, CN=optimus.si/emailAddress=sis...@xxxb.si >Validity >Not Before: Sep 25 12:25:32 2014 GMT >Not After : Jun 3 12:25:32 2028 GMT >Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT department, > CN=*.somedomain.si/emailAddress=sis...@xxxb.si >Subject Public Key Info: >Public Key Algorithm: rsaEncryption >Public-Key: (2048 bit) >Modulus: >00:a8:50:02:21:7a:49:b1:48:07:96:21:87:69:1d: >94:6f:d8:4f:0b:31:f4:8f:6f:e4:b2:78:94:38:d4: >72:92:5b:d5:43:73:aa:e4:33:48:31:11:5a:62:7e: >95:2b:e1:78:11:81:f0:ef:1a:0d:d0:52:90:47:2b: >fd:ab:0d:89:57:fa:ee:6b:3b:d1:24:c9:a9:6d:d6: >fb:0f:14:e3:72:63:a7:75:3d:3e:f5:57:45:09:7e: >83:18:f1:77:c9:3a:1e:de:6f:cd:43:0f:84:11:08: >05:3b:da:ed:3e:a6:65:7c:e9:3f:3b:b9:73:b3:87: >b6:a2:14:af:fd:3e:a9:6f:0f:e4:fb:4d:91:70:d6: >9a:78:b8:00:2e:f0:ad:24:07:01:64:b8:1f:ce:62: >f6:83:e3:fb:45:b9:3e:a1:c3:e6:de:87:d9:37:d3: >28:cf:20:6c:f9:78:5f:24:64:fb:d4:dd:79:90:87: >69:36:ad:83:3d:bd:ab:fd:aa:1d:6a:a6:b8:d5:8a: >f9:d6:e4:f0:db:9a:81:d4:41:e9:19:bf:a5:e8:fb: >d9:f5:e2:50:3c:4d:01:6d:3d:96:26:59:76:70:99: >8c:2e:c0:cf:dd:09:3b:fb:6f:8d:43:29:0c:7e:8a: >5c:8d:49:f4:9a:96:ba:54:72:44:d8:fa:aa:64:71: >27:21 >Exponent: 65537 (0x10001) >X509v3 extensions: >X509v3 Basic Constraints: >CA:FALSE >X509v3 Key Usage: >Digital Signature, Non Repudiation, Key Encipherment >Netscape Comment: >OpenSSL Generated Certificate >X509v3 Subject Key Identifier: >13:B4:E9:B7:EA:67:BC:00:BA:20:F9:9D:AB:02:14:0D:22:B4:F7:5B >X509v3 Authority Key Identifier: &g
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
You are talking about importing CA root certificate into client machine, while i was clearly talking about importing certificate into the ACS 3.2.1 install to be used by console proxy. Of course you need to import the CA root certificate not to get warnings on the client side, but only _after_ the server certificate is installed/changed via ACS GUI -> infrastructure -> SSL Certificate. This procedure does not work with Firefox, but does work in Chrome. Regards, F. On 25 Sep 2014, at 16:26, Suresh Sadhu wrote: > HI France, > > Did you import the certificate in firefox . In firefox we need to explicitly > import the certificate > > Please check below procedure to import the certificate in firefox: > > go to the Tools menu and select Options In the Options window, go to the > Advanced section - Encryption tab and click the "View certificates" button. > In the Certificate Manager window, switch to the Authorities tab and click > the "Import..." button to import your .crt certificate > In the Downloading Certificate window ,check the "trust the CA identity to > identify websites and click"OK" button. > > Then open the new firefox session and try to check the console view.hope you > will see the same result what you seen with chrome browser. > > Regards > sadhu > > > > -Original Message- > From: France [mailto:mailingli...@isg.si] > Sent: 25 September 2014 19:22 > To: dev@cloudstack.apache.org > Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI > > There is a bug in ACS 4.3.1 GUI. > The before mentioned process did not work with Firefox 32.0.2, while it > worked on latest Chrome. > Because the problem is on the browser side, it did not reach management > server logs at all. > I have done everything correct. Even a couple of times. ;-) > > Hopefully this mail will help someone in the future. I would also advise to > update the documentation on the issue. > > Do you want me to open a bug report for this? I am a little reluctant to do > so, because some of the bug reports i made previously just sit there for > years to come. > > FYI also got contacted off the mailing list by Steve Roles from ShapeBlue who > kindly offered to sell annual 24/7 support to help me sort this issue. > Too bad they did not want to provide help/support for this one incident, > which which they "have come across" already. They could get payed well for > telling me to use another browser. :-) While i appreciate what ShapeBlue does > for ACS, they could easily just have told us publicly on the mailing list to > use a different browser. > > Many thanks to anyone else who actually tried to help on the issue. > Realhostip.com migration is now officially complete. > > Regards, > F. > > On 25 Sep 2014, at 14:54, France wrote: > >> I have created new key and csr. Signed it, converted key to pkcs8 format >> without encryption and added in ACS GUI with *.domain.tld and again with >> domain.tld. I did copy paste the crt and key with and without -BEGIN >> CERTIFICATE-- tags. Nothing works. I have the same GUI error message as >> before. Management-log shows no errors or even logs regarding certificate >> manipulation. I have not created CA key and certs again. I have confirmed >> certificate before importing to ACS using: openssl x509 -in >> private/vse.somedomain.tls.crt -noout -text (result below). >> >> Maybe i could just insert new certs straight into the database, destroy >> console proxy and see what happens. >> Any more ideas? >> >> Also there is a bug in 4.3 documentation, because it says one must >> enter *.domain.tld while you say, it should be just domain.tld >> >> " >> In the Update SSL Certificate screen of the CloudStack UI, paste the >> following: >> >> * The certificate you've just generated. >> * The private key you've just generated. >> * The desired domain name, prefixed with *.; for example, >> *.consoleproxy.company.com " >> >> >> [root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout >> -text >> Certificate: >> Data: >> Version: 3 (0x2) >> Serial Number: 4097 (0x1001) >> Signature Algorithm: sha256WithRSAEncryption >> Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT >> department, CN=optimus.si/emailAddress=sis...@xxxb.si >> Validity >> Not Before: Sep 25 12:25:32 2014 GMT >> Not After : Jun 3 12:25:32 2028 GMT >> Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
Issue has been created. I would assign it to you, but lack credentials? https://issues.apache.org/jira/browse/CLOUDSTACK-7635 Regards, F. On 26 Sep 2014, at 11:47, Stephen Turner wrote: > Yes, I would like a bug report for this. Please assign it to me. This bit of > UI has been rewritten on master, but it should work the same in all browsers, > so I'd like to investigate whether it's fixed on master, and also whether > there are any other similar controls that aren't working in FF 32. > > If you can attach a public key and other data that illustrates the problem, > that would be great just to make sure that we can repro it. Thank you. > > -- > Stephen Turner > > > -Original Message- > From: France [mailto:mailingli...@isg.si] > Sent: 25 September 2014 14:52 > To: dev@cloudstack.apache.org > Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI > > There is a bug in ACS 4.3.1 GUI. > The before mentioned process did not work with Firefox 32.0.2, while it > worked on latest Chrome. > Because the problem is on the browser side, it did not reach management > server logs at all. > I have done everything correct. Even a couple of times. ;-) > > Hopefully this mail will help someone in the future. I would also advise to > update the documentation on the issue. > > Do you want me to open a bug report for this? I am a little reluctant to do > so, because some of the bug reports i made previously just sit there for > years to come. > > FYI also got contacted off the mailing list by Steve Roles from ShapeBlue who > kindly offered to sell annual 24/7 support to help me sort this issue. > Too bad they did not want to provide help/support for this one incident, > which which they "have come across" already. They could get payed well for > telling me to use another browser. :-) While i appreciate what ShapeBlue does > for ACS, they could easily just have told us publicly on the mailing list to > use a different browser. > > Many thanks to anyone else who actually tried to help on the issue. > Realhostip.com migration is now officially complete. > > Regards, > F. > > On 25 Sep 2014, at 14:54, France wrote: > >> I have created new key and csr. Signed it, converted key to pkcs8 format >> without encryption and added in ACS GUI with *.domain.tld and again with >> domain.tld. I did copy paste the crt and key with and without -BEGIN >> CERTIFICATE-- tags. Nothing works. I have the same GUI error message as >> before. Management-log shows no errors or even logs regarding certificate >> manipulation. I have not created CA key and certs again. I have confirmed >> certificate before importing to ACS using: openssl x509 -in >> private/vse.somedomain.tls.crt -noout -text (result below). >> >> Maybe i could just insert new certs straight into the database, destroy >> console proxy and see what happens. >> Any more ideas? >> >> Also there is a bug in 4.3 documentation, because it says one must >> enter *.domain.tld while you say, it should be just domain.tld >> >> " >> In the Update SSL Certificate screen of the CloudStack UI, paste the >> following: >> >> * The certificate you've just generated. >> * The private key you've just generated. >> * The desired domain name, prefixed with *.; for example, >> *.consoleproxy.company.com " >> >> >> [root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout >> -text >> Certificate: >> Data: >> Version: 3 (0x2) >> Serial Number: 4097 (0x1001) >> Signature Algorithm: sha256WithRSAEncryption >> Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT >> department, CN=optimus.si/emailAddress=sis...@xxxb.si >> Validity >> Not Before: Sep 25 12:25:32 2014 GMT >> Not After : Jun 3 12:25:32 2028 GMT >> Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT department, >> CN=*.somedomain.si/emailAddress=sis...@xxxb.si >> Subject Public Key Info: >> Public Key Algorithm: rsaEncryption >> Public-Key: (2048 bit) >> Modulus: >> 00:a8:50:02:21:7a:49:b1:48:07:96:21:87:69:1d: >> 94:6f:d8:4f:0b:31:f4:8f:6f:e4:b2:78:94:38:d4: >> 72:92:5b:d5:43:73:aa:e4:33:48:31:11:5a:62:7e: >> 95:2b:e1:78:11:81:f0:ef:1a:0d:d0:52:90:47:2b: >> fd:ab:0d:89:57:fa:ee:6b:3b:d1:24:c9:a9:6d:d6: >> fb:0f:14:e3:72:63:a7:75:3d:3e:f5:57:45:09:7e: >>
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
On 26 Sep 2014, at 14:52, Sebastien Goasguen wrote: >> The before mentioned process did not work with Firefox 32.0.2, while it >> worked on latest Chrome. >> Because the problem is on the browser side, it did not reach management >> server logs at all. >> I have done everything correct. Even a couple of times. ;-) >> >> Hopefully this mail will help someone in the future. I would also advise to >> update the documentation on the issue. >> > > Can you tell us where the issue in the docs is exactly ? For 4.3 on http://docs.cloudstack.apache.org/ administration documentation. The docs that should be changed are at: http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/4.4/systemvm.html?highlight=console%20proxy#changing-the-console-proxy-ssl-certificate-and-domain Just below 3. step : "In the Update SSL Certificate screen of the CloudStack UI, paste the following:" It says one must enter *.domain.tld while it should be just domain.tld without * And below that, there should be a note like: Importing certificate in Infrastructure -> SSL Certificate does/might not work with Firefox, but works with Chrome.
ACS 4.1.1 -> 4.3.1 = errorInfo: [XENAPI_PLUGIN_FAILURE, getSnapshotSize, CommandException, 2] && vhd-util: libvhd::vhd_open: failed to open /dev/VG_XenStorage-197c3580-fc82-35e5-356d-1f0909a9cfd9/VHD
Hi guys,
after upgrading ACS from 4.1.1 to 4.3.1 and upgrading XS 6.0.2 to latest
hotfixes and manually replacing NFSSR.py with one from ACS 4.3.1, amongst other
errors, I see this error.
Snapshot is created successfully. I have created templates from it and used
them to create new VMs, but in the log there is an error. (Also snapshots are
not working on volumes which have had snapshots before the upgrade. But i will
deal with that issue later. They might even be related.)
What should I check to provide you with more info about the issue, so we can
address it?
Google search came up empty for this issue. :-( Please help me sort this out.
To me, it looks like Xen removed
/dev/VG_XenStorage-197c3580-fc82-35e5-356d-1f0909a9cfd9/VHD-3d732e11-8697-4a45-9518-44d4154ee6d6
after the copy to secondary storage but before cloudstack ordered the removal.
Should I open a bug for it?
This is where i believe the snapshot was ordered:
/
2014-10-07 16:51:16,919 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
(http-6443-exec-42:ctx-6a64da65 ctx-e324e472) submit async job-2171, details:
AsyncJobVO {id:2171, userId: 28, accountId: 30, instanceType: Snapshot,
instanceId: 977, cmd:
org.apache.cloudstack.api.command.user.snapshot.CreateSnapshotCmd, cmdInfo:
{"id":"977","response":"json","sessionkey”:"X","cmdEventType":"SNAPSHOT.CREATE","ctxUserId":"28","httpmethod":"GET","_":"1412693528063","volumeid":"72d5b956-fbaf-44c2-8aeb-df49354ddbb3","quiescevm":"false","ctxAccountId":"30","ctxStartEventId":"60842"},
cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result:
null, initMsid: 95545481387, completeMsid: null, lastUpdated: null, lastPolled:
null, created: null}
2014-10-07 16:51:16,920 INFO [o.a.c.f.j.i.AsyncJobMonitor]
(Job-Executor-84:ctx-649dbc0e) Add job-2171 into job monitoring
2014-10-07 16:51:16,920 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
(Job-Executor-84:ctx-649dbc0e) Executing AsyncJobVO {id:2171, userId: 28,
accountId: 30, instanceType: Snapshot, instanceId: 977, cmd:
org.apache.cloudstack.api.command.user.snapshot.CreateSnapshotCmd, cmdInfo:
{"id":"977","response":"json","sessionkey”:"X","cmdEventType":"SNAPSHOT.CREATE","ctxUserId":"28","httpmethod":"GET","_":"1412693528063","volumeid":"72d5b956-fbaf-44c2-8aeb-df49354ddbb3","quiescevm":"false","ctxAccountId":"30","ctxStartEventId":"60842"},
cmdVersion: 0, status: IN_PROGRESS, processStatus: 0, resultCode: 0, result:
null, initMsid: 95545481387, completeMsid: null, lastUpdated: null, lastPolled:
null, created: null}
2014-10-07 16:51:16,920 DEBUG [c.c.a.ApiServlet]
(http-6443-exec-42:ctx-6a64da65 ctx-e324e472) ===END=== XX.XX.XX.XX -- GET
command=createSnapshot&volumeid=72d5b956-fbaf-44c2-8aeb-df49354ddbb3&quiescevm=false&response=json&sessionkey=XX%3D&_=1412693528063
2014-10-07 16:51:16,928 DEBUG [c.c.u.AccountManagerImpl]
(Job-Executor-84:ctx-649dbc0e ctx-e324e472) Access to
Acct[7ff6cd6b-7400-4d44-980b-9dc3115264eb-XX] granted to
Acct[7ff6cd6b-7400-4d44-980b-9dc3115264eb-] by DomainChecker
2014-10-07 16:51:16,953 INFO [o.a.c.a.c.u.s.CreateSnapshotCmd]
(Job-Executor-84:ctx-649dbc0e ctx-e324e472) VOLSS: createSnapshotCmd
starts:1412693476953
2014-10-07 16:51:17,290 DEBUG [c.c.a.t.Request] (Job-Executor-84:ctx-649dbc0e
ctx-e324e472) Seq 2-1824254062: Sending { Cmd , MgmtId: 95545481387, via:
2(x2.XXX), Ver: v1, Flags: 100011,
[{"org.apache.cloudstack.storage.command.CreateObjectCommand":{"data":{"org.apache.cloudstack.storage.to.SnapshotObjectTO":{"volume":{"uuid":"72d5b956-fbaf-44c2-8aeb-df49354ddbb3","volumeType":"ROOT","dataStore":{"org.apache.cloudstack.storage.to.PrimaryDataStoreTO":{"uuid":"1c8dbf77-2b23-3244-91ee-5037cb2a55a8","id":208,"poolType":"IscsiLUN","host":"s2.v.XXX","path":"/iqn.2010-02.XXX:storage.XXX.s2/1","port":3260,"url":"IscsiLUN://s2.v.XXX//iqn.2010-02.XXX:storage.XXX.s2/1/?ROLE=Primary&STOREUUID=1c8dbf77-2b23-3244-91ee-5037cb2a55a8"}},"name":"ROOT-457","size":21474836480,"path":"5f54e049-7336-46bf-88be-c364624504f9","volumeId":556,"vmName":"i-30-457-VM","accountId":30,"format":"VHD","id":556,"deviceId":0,"hypervisorType":"XenServer"},"dataStore":{"org.apache.cloudstack.storage.to.PrimaryDataStoreTO":{"uuid":"1c8dbf77-2b23-3244-91ee-5037cb2a55a8","id":208,"poolType":"IscsiLUN","host":"s2.v.XXX","path":"/iqn.2010-02.XXX:storage.XXX.s2/1","port":3260,"url":"IscsiLUN://s2.v.XXX//iqn.2010-02.XXX:storage.XXX.s2/1/?ROLE=Primary&STOREUUID=1c8dbf77-2b23-3244-91ee-5037cb2a55a8"}},"vmName":"i-30-457-VM","name":"MInecraftDebian_ROOT-457_20141007145115","hypervisorType":"XenServer","id":977,"quiescevm":false,"physicalSize":0}},"wait":0}}]
}
2014-10-07 16:51:17,291 DEBUG [c.c.a.t.Request] (Job-Executor-84:ctx-649dbc0e
ctx-e324e472) Seq 2-1824254062: Executing: { Cmd , MgmtId: 95545481387, via:
2(x2.XXX), Ver: v1, Flags: 100011,
[{"org.apache.cloudstack.storage.command.CreateObjectCommand":{"data":{"org.apache.cloudstack.storage.to.SnapshotObjectTO"
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
Send me a private email and you can test it on my exact system with all development options turned on as you wish. We will do it via remote screen sharing, like VNC, RDP, Teamviewer, .. Regards, F. On 26 Sep 2014, at 16:53, Stephen Turner wrote: > I'm afraid I couldn't reproduce this, even with your certificate and private > key. Everything I tried, I got "Update Certiciate [sic] Succeeded". > > Does anyone else have a convenient 4.3 and FF 32 that they can try and repro > this with? > > France, if you open the developer tools in Firefox and do this again, do you > see any errors? > > -- > Stephen Turner > > > -Original Message- > From: France [mailto:mailingli...@isg.si] > Sent: 26 September 2014 13:44 > To: Stephen Turner > Cc: dev@cloudstack.apache.org > Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI > > Issue has been created. > I would assign it to you, but lack credentials? > > https://issues.apache.org/jira/browse/CLOUDSTACK-7635 > > Regards, > F. > > On 26 Sep 2014, at 11:47, Stephen Turner wrote: > >> Yes, I would like a bug report for this. Please assign it to me. This bit of >> UI has been rewritten on master, but it should work the same in all >> browsers, so I'd like to investigate whether it's fixed on master, and also >> whether there are any other similar controls that aren't working in FF 32. >> >> If you can attach a public key and other data that illustrates the problem, >> that would be great just to make sure that we can repro it. Thank you. >> >> -- >> Stephen Turner >> >> >> -Original Message- >> From: France [mailto:mailingli...@isg.si] >> Sent: 25 September 2014 14:52 >> To: dev@cloudstack.apache.org >> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >> >> There is a bug in ACS 4.3.1 GUI. >> The before mentioned process did not work with Firefox 32.0.2, while it >> worked on latest Chrome. >> Because the problem is on the browser side, it did not reach management >> server logs at all. >> I have done everything correct. Even a couple of times. ;-) >> >> Hopefully this mail will help someone in the future. I would also advise to >> update the documentation on the issue. >> >> Do you want me to open a bug report for this? I am a little reluctant to do >> so, because some of the bug reports i made previously just sit there for >> years to come. >> >> FYI also got contacted off the mailing list by Steve Roles from ShapeBlue >> who kindly offered to sell annual 24/7 support to help me sort this issue. >> Too bad they did not want to provide help/support for this one incident, >> which which they "have come across" already. They could get payed well for >> telling me to use another browser. :-) While i appreciate what ShapeBlue >> does for ACS, they could easily just have told us publicly on the mailing >> list to use a different browser. >> >> Many thanks to anyone else who actually tried to help on the issue. >> Realhostip.com migration is now officially complete. >> >> Regards, >> F. >> >> On 25 Sep 2014, at 14:54, France wrote: >> >>> I have created new key and csr. Signed it, converted key to pkcs8 format >>> without encryption and added in ACS GUI with *.domain.tld and again with >>> domain.tld. I did copy paste the crt and key with and without -BEGIN >>> CERTIFICATE-- tags. Nothing works. I have the same GUI error message as >>> before. Management-log shows no errors or even logs regarding certificate >>> manipulation. I have not created CA key and certs again. I have confirmed >>> certificate before importing to ACS using: openssl x509 -in >>> private/vse.somedomain.tls.crt -noout -text (result below). >>> >>> Maybe i could just insert new certs straight into the database, destroy >>> console proxy and see what happens. >>> Any more ideas? >>> >>> Also there is a bug in 4.3 documentation, because it says one must >>> enter *.domain.tld while you say, it should be just domain.tld >>> >>> " >>> In the Update SSL Certificate screen of the CloudStack UI, paste the >>> following: >>> >>> * The certificate you've just generated. >>> * The private key you've just generated. >>> * The desired domain name, prefixed with *.; for example, >>> *.consoleproxy.company.com " >>> >>>
Re: Updated and new Cloudstack templates
Tnx man, will test them out. :-) On 08 Oct 2014, at 14:11, Nux! wrote: > Hello, > > I've updated the existing CentOS templates and added some new ones - FreeBSD > and Ubuntu. > The Ubuntu template is actually their own cloud image with the cloudstack > data source defined in cloud-init and the password script added. > Let me know if you have any comments etc. > > http://dl.openvm.eu/cloudstack/ > > Lucian > > -- > Sent from the Delta quadrant using Borg technology! > > Nux! > www.nux.ro
Re: Using console VM's without realhostip.com domain name
Ofcourse it will not work in modern browsers, if you access the GUI via https, because iframe is used. If you access ACS GUI via http, it should work, but it is not advised to login with plaintext. Regards, F. On 10 Oct 2014, at 10:52, Wido den Hollander wrote: > Hi, > > Go to the global settings and empty the console proxy and secondary > storage domain settings. > > Those values should say "realhostip.com" now. > > Restart the management server and you're done. That will disable SSL. > > Wido > > On 10/10/2014 05:22 AM, Amin wrote: >> Hello, >> >> >> >> Can anyone please advise how to use cloudstack 4.3.1 (upgraded version from >> 2.2.14), how to use the console VM after deprecation of realhostip.com, we >> are not using SSL certificates. And we don't have domain name. >> >> >> >> Thanks in advance >> >> >> >>
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
Because i do not check this mailing list every day due to actual payed work, i have not seen your request. I will contact you right now. On 08 Oct 2014, at 20:10, Suresh Sadhu wrote: > Sure Nitin and as of now I didn't hear anything from France. > > Regards > sadhu > > -Original Message- > From: Nitin Mehta [mailto:nitin.me...@citrix.com] > Sent: 08 October 2014 21:57 > To: dev@cloudstack.apache.org > Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI > > Sadhu - Please do update the thread once you have some observation. Thanks > > -Nitin > > On 08/10/14 5:27 AM, "Suresh Sadhu" wrote: > >> HI France, >> >> I can help today . >> My personal email id is mailtosa...@gmail.com >> >> >> Regards >> sadhu >> >> -Original Message- >> From: Stephen Turner [mailto:stephen.tur...@citrix.com] >> Sent: 08 October 2014 17:43 >> To: dev@cloudstack.apache.org >> Subject: RE: Urgent. Importing certificate to CS 4.3.1 using GUI >> >> France, I'm sorry, but I'm about to go away for three weeks, and I'm >> not going to have time to work on this. >> >> Is there anyone else who could help France? Is anyone else seeing the >> problem, because I couldn't reproduce it? >> >> -- >> Stephen Turner >> >> >> >> -Original Message- >> From: France [mailto:mailingli...@isg.si] >> Sent: 08 October 2014 11:44 >> To: dev@cloudstack.apache.org >> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >> >> Send me a private email and you can test it on my exact system with all >> development options turned on as you wish. >> We will do it via remote screen sharing, like VNC, RDP, Teamviewer, .. >> >> Regards, >> F. >> >> On 26 Sep 2014, at 16:53, Stephen Turner >> wrote: >> >>> I'm afraid I couldn't reproduce this, even with your certificate and >>> private key. Everything I tried, I got "Update Certiciate [sic] >>> Succeeded". >>> >>> Does anyone else have a convenient 4.3 and FF 32 that they can try >>> and repro this with? >>> >>> France, if you open the developer tools in Firefox and do this again, >>> do you see any errors? >>> >>> -- >>> Stephen Turner >>> >>> >>> -Original Message- >>> From: France [mailto:mailingli...@isg.si] >>> Sent: 26 September 2014 13:44 >>> To: Stephen Turner >>> Cc: dev@cloudstack.apache.org >>> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >>> >>> Issue has been created. >>> I would assign it to you, but lack credentials? >>> >>> https://issues.apache.org/jira/browse/CLOUDSTACK-7635 >>> >>> Regards, >>> F. >>> >>> On 26 Sep 2014, at 11:47, Stephen Turner >>> wrote: >>> >>>> Yes, I would like a bug report for this. Please assign it to me. >>>> This bit of UI has been rewritten on master, but it should work the >>>> same in all browsers, so I'd like to investigate whether it's fixed >>>> on master, and also whether there are any other similar controls that >>>> aren't working in FF 32. >>>> >>>> If you can attach a public key and other data that illustrates the >>>> problem, that would be great just to make sure that we can repro it. >>>> Thank you. >>>> >>>> -- >>>> Stephen Turner >>>> >>>> >>>> -Original Message- >>>> From: France [mailto:mailingli...@isg.si] >>>> Sent: 25 September 2014 14:52 >>>> To: dev@cloudstack.apache.org >>>> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >>>> >>>> There is a bug in ACS 4.3.1 GUI. >>>> The before mentioned process did not work with Firefox 32.0.2, while >>>> it worked on latest Chrome. >>>> Because the problem is on the browser side, it did not reach >>>> management server logs at all. >>>> I have done everything correct. Even a couple of times. ;-) >>>> >>>> Hopefully this mail will help someone in the future. I would also >>>> advise to update the documentation on the issue. >>>> >>>> Do you want me to open a bug report for this? I am a little >>>> reluctant to do so, because
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
Suresh is awesome. Hope Citrix knows that. :-) We diagnosed the issue with ACS 4.3.1 and Firefox browser, and Suresh will update this thread with details. Regards, F. On 15 Oct 2014, at 13:55, France wrote: > Because i do not check this mailing list every day due to actual payed work, > i have not seen your request. > I will contact you right now. > > > On 08 Oct 2014, at 20:10, Suresh Sadhu wrote: > >> Sure Nitin and as of now I didn't hear anything from France. >> >> Regards >> sadhu >> >> -Original Message- >> From: Nitin Mehta [mailto:nitin.me...@citrix.com] >> Sent: 08 October 2014 21:57 >> To: dev@cloudstack.apache.org >> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >> >> Sadhu - Please do update the thread once you have some observation. Thanks >> >> -Nitin >> >> On 08/10/14 5:27 AM, "Suresh Sadhu" wrote: >> >>> HI France, >>> >>> I can help today . >>> My personal email id is mailtosa...@gmail.com >>> >>> >>> Regards >>> sadhu >>> >>> -----Original Message- >>> From: Stephen Turner [mailto:stephen.tur...@citrix.com] >>> Sent: 08 October 2014 17:43 >>> To: dev@cloudstack.apache.org >>> Subject: RE: Urgent. Importing certificate to CS 4.3.1 using GUI >>> >>> France, I'm sorry, but I'm about to go away for three weeks, and I'm >>> not going to have time to work on this. >>> >>> Is there anyone else who could help France? Is anyone else seeing the >>> problem, because I couldn't reproduce it? >>> >>> -- >>> Stephen Turner >>> >>> >>> >>> -Original Message- >>> From: France [mailto:mailingli...@isg.si] >>> Sent: 08 October 2014 11:44 >>> To: dev@cloudstack.apache.org >>> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >>> >>> Send me a private email and you can test it on my exact system with all >>> development options turned on as you wish. >>> We will do it via remote screen sharing, like VNC, RDP, Teamviewer, .. >>> >>> Regards, >>> F. >>> >>> On 26 Sep 2014, at 16:53, Stephen Turner >>> wrote: >>> >>>> I'm afraid I couldn't reproduce this, even with your certificate and >>>> private key. Everything I tried, I got "Update Certiciate [sic] >>>> Succeeded". >>>> >>>> Does anyone else have a convenient 4.3 and FF 32 that they can try >>>> and repro this with? >>>> >>>> France, if you open the developer tools in Firefox and do this again, >>>> do you see any errors? >>>> >>>> -- >>>> Stephen Turner >>>> >>>> >>>> -Original Message- >>>> From: France [mailto:mailingli...@isg.si] >>>> Sent: 26 September 2014 13:44 >>>> To: Stephen Turner >>>> Cc: dev@cloudstack.apache.org >>>> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >>>> >>>> Issue has been created. >>>> I would assign it to you, but lack credentials? >>>> >>>> https://issues.apache.org/jira/browse/CLOUDSTACK-7635 >>>> >>>> Regards, >>>> F. >>>> >>>> On 26 Sep 2014, at 11:47, Stephen Turner >>>> wrote: >>>> >>>>> Yes, I would like a bug report for this. Please assign it to me. >>>>> This bit of UI has been rewritten on master, but it should work the >>>>> same in all browsers, so I'd like to investigate whether it's fixed >>>>> on master, and also whether there are any other similar controls that >>>>> aren't working in FF 32. >>>>> >>>>> If you can attach a public key and other data that illustrates the >>>>> problem, that would be great just to make sure that we can repro it. >>>>> Thank you. >>>>> >>>>> -- >>>>> Stephen Turner >>>>> >>>>> >>>>> -Original Message- >>>>> From: France [mailto:mailingli...@isg.si] >>>>> Sent: 25 September 2014 14:52 >>>>> To: dev@cloudstack.apache.org >>>>> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >>>>> &g
Re: Urgent. Importing certificate to CS 4.3.1 using GUI
If required, we can share tomcat configuration file. Screenshots and all info is with Sadhu. Regards, F. On 24 Oct 2014, at 18:36, Stephen Turner wrote: > I'm still puzzled why it would have worked on my Firefox too. There must be > some difference in configuration. > > -- > Stephen Turner > > > -Original Message- > From: Amogh Vasekar [mailto:amogh.vase...@citrix.com] > Sent: 23 October 2014 16:18 > To: dev@cloudstack.apache.org > Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI > > Hi, > > He certainly is :-) > Can you share the screenshot of firebug request and response so as to > diagnose better? > Also, was the upload call made as admin or regular user? > > Thanks, > Amogh > > On 10/23/14 3:27 AM, "Suresh Sadhu" wrote: > >> Thanks France, We(France &myself) have diagnosed the problem and in >> firefox after uploading the certificate it shows "HTTP Error 501 Not >> implemented" error in api response(firebug output )and >> >> The request is not reaching the server itself(CS management server and >> api server logs not shown any API request details ..) so probably the >> failure is due to client side settings or due to some other problem. >> >> We need to identify reasons for "HTTP error 501 not implemented." >> http://www.checkupdown.com/status/E501.html >> >> Amogh/Nitin : can you please check in which cases this 501 not >> implemented will occur. >> >> Regards >> Sadhu >> >> >> >> >> >> >> >> -Original Message- >> From: France [mailto:mailingli...@isg.si] >> Sent: 23 October 2014 15:43 >> To: dev@cloudstack.apache.org >> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >> >> Suresh is awesome. Hope Citrix knows that. :-) We diagnosed the issue >> with ACS 4.3.1 and Firefox browser, and Suresh will update this thread >> with details. >> >> Regards, >> F. >> >> >> On 15 Oct 2014, at 13:55, France wrote: >> >>> Because i do not check this mailing list every day due to actual >>> payed work, i have not seen your request. >>> I will contact you right now. >>> >>> >>> On 08 Oct 2014, at 20:10, Suresh Sadhu wrote: >>> >>>> Sure Nitin and as of now I didn't hear anything from France. >>>> >>>> Regards >>>> sadhu >>>> >>>> -Original Message- >>>> From: Nitin Mehta [mailto:nitin.me...@citrix.com] >>>> Sent: 08 October 2014 21:57 >>>> To: dev@cloudstack.apache.org >>>> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >>>> >>>> Sadhu - Please do update the thread once you have some observation. >>>> Thanks >>>> >>>> -Nitin >>>> >>>> On 08/10/14 5:27 AM, "Suresh Sadhu" wrote: >>>> >>>>> HI France, >>>>> >>>>> I can help today . >>>>> My personal email id is mailtosa...@gmail.com >>>>> >>>>> >>>>> Regards >>>>> sadhu >>>>> >>>>> -Original Message- >>>>> From: Stephen Turner [mailto:stephen.tur...@citrix.com] >>>>> Sent: 08 October 2014 17:43 >>>>> To: dev@cloudstack.apache.org >>>>> Subject: RE: Urgent. Importing certificate to CS 4.3.1 using GUI >>>>> >>>>> France, I'm sorry, but I'm about to go away for three weeks, and >>>>> I'm not going to have time to work on this. >>>>> >>>>> Is there anyone else who could help France? Is anyone else seeing >>>>> the problem, because I couldn't reproduce it? >>>>> >>>>> -- >>>>> Stephen Turner >>>>> >>>>> >>>>> >>>>> -Original Message- >>>>> From: France [mailto:mailingli...@isg.si] >>>>> Sent: 08 October 2014 11:44 >>>>> To: dev@cloudstack.apache.org >>>>> Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI >>>>> >>>>> Send me a private email and you can test it on my exact system with >>>>> all development options turned on as you wish. >>>>> We will do it via remote screen sharing, like VNC, RDP, Teamviewer, .. >>>>>
Release plan for 4.3.2 ? If any.
Hi guys, there are quite some bugfixes in repository from 4.3.1 onwards. Is there a plan to release 4.3.2 containing lots of these bugfixes? I know shapeblue has published their builds including lots bugfixes, but would you really want people to start using shapeblue’s repositories instead of official ones? Regards, F.
Please confirm this is a bug and not misconifguration -> 4.3.1: Failed to create a volume from snapshot
Hi guys, can someone please look at the exemption from the log and confirm this is a bug and not misconfiguration. If we are on the road to 4.3.2 release, it might get fixed and included in it. Thank you! The bug report is here: https://issues.apache.org/jira/browse/CLOUDSTACK-8014 Regards, F.
Re: Please confirm this is a bug and not misconifguration -> 4.3.1: Failed to create a volume from snapshot
I have added the additional info as requested. How can we get someone who knows the code a bit more, to look at the bug report? Should I send the private mail over to Rohit Yadav, who seems currently to be working on 3.4.2 release back-porting patches and all? Thank you. F. On 05 Dec 2014, at 15:50, Erik Weber wrote: > I'm not a dev but this seems strange: > >> 2014-12-03 12:20:46,612 DEBUG [o.a.c.s.a.ClusterScopeStoragePoolAllocator] > (Job-Executor-166:ctx-d915e890 ctx-d7a11540) Removing pool > Pool[208|IscsiLUN] from avoid set, must have been inserted when searching > for another disk's tag >> 2014-12-03 12:20:46,614 DEBUG [o.a.c.s.a.AbstractStoragePoolAllocator] > (Job-Executor-166:ctx-d915e890 ctx-d7a11540) Checking if storage pool is > suitable, name: null ,poolId: 208 >> 2014-12-03 12:20:46,617 DEBUG [c.c.s.StorageManagerImpl] > (Job-Executor-166:ctx-d915e890 ctx-d7a11540) Checking pool 208 for storage, > totalSize: 1520242262016, usedBytes: 865985363968, usedPct: > 0.569636422828828, disable threshold: 0.95 > > > First it puts pool 208 into avoid set, then it tries to check it. > > Hopefully someone who knows the code a bit could clarify if this is > intended or a bug. > > -- > Erik > > On Fri, Dec 5, 2014 at 2:02 PM, France wrote: > >> Hi guys, >> >> can someone please look at the exemption from the log and confirm this is >> a bug and not misconfiguration. If we are on the road to 4.3.2 release, it >> might get fixed and included in it. >> Thank you! >> >> The bug report is here: >> https://issues.apache.org/jira/browse/CLOUDSTACK-8014 >> >> Regards, >> F. >> >>
Re: [DISCUSS] Any issues to be fixed for 4.3.1?
Hi Rohit,
Here are a few issues (without resolution). Maybe you can help get a fix in
time for 4.3.2 release:
Snapshosts errors after upgrade 4.1.1 to 4.3.1:
https://issues.apache.org/jira/browse/CLOUDSTACK-8013
Failed to create a volume from snapshot:
https://issues.apache.org/jira/browse/CLOUDSTACK-8014
Virtual Router only with DHCP should not have DNS service
https://issues.apache.org/jira/browse/CLOUDSTACK-4675
Excessive use of LVM snapshots on XenServer, that leads to snapshot failure and
unnecessary disk usage.
https://issues.apache.org/jira/browse/CLOUDSTACK-6060
Possibly this one too:
Failed to create snapshot due to an internal error creating snapshot for volume
372 -> Failure from sparse_dd: Fatal error: exception Invalid_argument("index
out of bounds”):
https://issues.apache.org/jira/browse/CLOUDSTACK-8044?filter=-2
Some others, you have already back-ported. For that we thank you.
Thank you,
Regards,
F.
On 20 Nov 2014, at 10:15, Rohit Yadav wrote:
> Hi,
>
> We’ve some bugfixes backported to 4.3 branch since 4.3.1 was released and I
> think we should at least support this branch with a 4.3.2 release in next
> couple of weeks until a stable 4.5.0 is released in next couple of months.
>
> I’m going through JIRA and list of issues and will help backport fixes to the
> 4.3 branch. So, please share if you’ve found any blocker/critical/major issue
> that you found in 4.3.0 or 4.3.1 and want to be fixed. Thanks.
>
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 88 262 30892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build
Re: [DISCUSS] Any issues to be fixed for 4.3.1?
I understand.
Thank you for your effort Rohit.
Regards,
F.
On 09 Dec 2014, at 13:39, Rohit Yadav wrote:
> Hi France,
>
> I'll try too go through them and see if I can fix them, everyone in the
> community is encouraged to help fix test.
> If they are already fixed, I can help with backporting them and testing them.
>
> I don't want to delay 4.3.2 release further because there is a security issue
> that will be shipped with 4.3.2 and we have not done any official ACS release
> to answer that, I think we should fix blockers or critical bugs for 4.3.2 and
> effort on testing it now. We'll keep working on these and other pending bugs,
> and if they don't make it to 4.3.2 we can always work on 4.3.3 etc.
>
> On Monday 08 December 2014 03:06 PM, France wrote:
>> Hi Rohit,
>>
>> Here are a few issues (without resolution). Maybe you can help get a fix in
>> time for 4.3.2 release:
>>
>> Snapshosts errors after upgrade 4.1.1 to 4.3.1:
>> https://issues.apache.org/jira/browse/CLOUDSTACK-8013
>>
>> Failed to create a volume from snapshot:
>> https://issues.apache.org/jira/browse/CLOUDSTACK-8014
>>
>> Virtual Router only with DHCP should not have DNS service
>> https://issues.apache.org/jira/browse/CLOUDSTACK-4675
>>
>> Excessive use of LVM snapshots on XenServer, that leads to snapshot failure
>> and unnecessary disk usage.
>> https://issues.apache.org/jira/browse/CLOUDSTACK-6060
>>
>> Possibly this one too:
>> Failed to create snapshot due to an internal error creating snapshot for
>> volume 372 -> Failure from sparse_dd: Fatal error: exception
>> Invalid_argument("index out of bounds”):
>> https://issues.apache.org/jira/browse/CLOUDSTACK-8044?filter=-2
>>
>> Some others, you have already back-ported. For that we thank you.
>>
>> Thank you,
>> Regards,
>> F.
>>
>>
>> On 20 Nov 2014, at 10:15, Rohit Yadav wrote:
>>
>> > Hi,
>> >
>> > We’ve some bugfixes backported to 4.3 branch since 4.3.1 was released and
>> > I think we should at least support this branch with a 4.3.2 release in
>> > next couple of weeks until a stable 4.5.0 is released in next couple of
>> > months.
>> >
>> > I’m going through JIRA and list of issues and will help backport fixes to
>> > the 4.3 branch. So, please share if you’ve found any
>> > blocker/critical/major issue that you found in 4.3.0 or 4.3.1 and want to
>> > be fixed. Thanks.
>> >
>> > Regards,
>> > Rohit Yadav
>> > Software Architect, ShapeBlue
>> > M. +91 88 262 30892 | rohit.ya...@shapeblue.com
>> > Blog: bhaisaab.org | Twitter: @_bhaisaab
>> >
>> > Find out more about ShapeBlue and our range of CloudStack related services
>> >
>> > IaaS Cloud Design &
>> > Build<http://shapeblue.com/iaas-cloud-design-and-build//>
>> > CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
>> > CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
>> > CloudStack Software
>> > Engineering<http://shapeblue.com/cloudstack-software-engineering/>
>> > CloudStack Infrastructure
>> > Support<http://shapeblue.com/cloudstack-infrastructure-support/>
>> > CloudStack Bootcamp Training
>> > Courses<http://shapeblue.com/cloudstack-training/>
>>
>
> --
> Regards,
> Rohit Yadav
> Software Architect, ShapeBlue
> M. +91 8826230892 | rohit.ya...@shapeblue.com
> Blog: bhaisaab.org | Twitter: @_bhaisaab
> PS. If you see any footer below, I did not add it :)
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Software
> Engineering<http://shapeblue.com/cloudstack-software-engineering/>
> CloudStack Infrastructure
> Support<http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training
> Courses<http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based upon
> its contents, nor copy or show it to anyone. Please contact the sender if you
> believe you have received this email in error. Shape Blue Ltd is a company
> incorporated in England & Wales. ShapeBlue Services India LLP is a company
> incorporated in India and is operated under license from Shape Blue Ltd.
> Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is
> operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company
> registered by The Republic of South Africa and is traded under license from
> Shape Blue Ltd. ShapeBlue is a registered trademark.
Which 4.3.2 CS build to use? Shapeblue's version or build from official repos?
Hi all, we will upgrade CS 4.3.1 (from http://cloudstack.apt-get.eu/rhel/4.3/) to 4.3.2 this weekend. In official repos: http://cloudstack.apt-get.eu/rhel/4.3/ there is no 4.3.2. There is some build in Shapeblue’s repo: http://packages.shapeblue.com/cloudstack/upstream/centos/4.3/ and they also provide additionally pached build via: http://packages.shapeblue.com/cloudstack/main/centos/4.3/ Is there any reason not to choose their patched version and change the yum repository? Tnx for info. Regards, F.
Re: Upgrading 4.3.1 to 4.3.2 including system templates - quick help please
Anyone? On 24 Jun 2015, at 15:07, France wrote: > Hi all, > > we got CS 4.3.1 which we will upgrade to 4.3.2 this weekend, using RPMs from > shapeblue (http://packages.shapeblue.com/cloudstack/main/centos/4.3/). > > Following the instructions at: > http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.3.2/rnotes.html#upgrade-from-4-3-1-to-4-3-2 > > First problem I notice, that there is no link provided for vhd-utils from the > last step of the upgrade. > Where can we get the right vhd-utils as required? > > Also no step in upgrade docs is mentioning of the system-vm template upgrade. > I see Shapeblue provides a link to ?updated? templates: > http://packages.shapeblue.com/systemvmtemplate/4.3/ > But i failed to find instructions how to update them. Are they updated when > updating base RPMs? I doubt it. > Please direct us, to the correct instructions for updating templates. > > Thank you for your help/responses. > Regards, > France.
Re: Which 4.3.2 CS build to use? Shapeblue's version or build from official repos?
Tnx for response Rajani, it is greatly appreciated. You are correct, I do not know how i missed out, 4.3.2 in official repos. Probably due to too much work. :-) However your response in regards of which to choose, does not really help me. I have decided none the less, to use additionally patched build from Shapeblue. Unless someone warns me about potential problems with their patches, we will stick to my decision for this weekends upgrade. Regards, F. On 25 Jun 2015, at 06:01, Rajani Karuturi wrote: > you can use anything as long as it works for you. > AFAIK, packages on apt-get.eu are created from the point where RC is voted > and they do have 4.3.2 in the link you mentioned above. > > ~Rajani > > On Wed, Jun 24, 2015 at 6:19 PM, France wrote: > >> Hi all, >> >> we will upgrade CS 4.3.1 (from http://cloudstack.apt-get.eu/rhel/4.3/) to >> 4.3.2 this weekend. >> >> In official repos: http://cloudstack.apt-get.eu/rhel/4.3/ there is no >> 4.3.2. >> There is some build in Shapeblue’s repo: >> http://packages.shapeblue.com/cloudstack/upstream/centos/4.3/ >> and they also provide additionally pached build via: >> http://packages.shapeblue.com/cloudstack/main/centos/4.3/ >> >> Is there any reason not to choose their patched version and change the yum >> repository? >> >> Tnx for info. >> Regards, >> F. >> >>
Re: Upgrading 4.3.1 to 4.3.2 including system templates - quick help please
OK, I was able to find instructions for upgrading templates: http://www.shapeblue.com/cloudstack-and-the-ghost-vulnerabilitystack/ it even has a nice script, which we will try this weekend. Also for vhd-utils link, I have found vhd-utils at: http://download.cloud.com.s3.amazonaws.com/tools/vhd-util If these are not correct for CS 4.3.* and XS 6.0.2*, someone please let us know. Hopefully this mail will help others upgrade, if they see it. Regards, F. On 26 Jun 2015, at 11:40, France wrote: > Anyone? > > > On 24 Jun 2015, at 15:07, France wrote: > >> Hi all, >> >> we got CS 4.3.1 which we will upgrade to 4.3.2 this weekend, using RPMs from >> shapeblue (http://packages.shapeblue.com/cloudstack/main/centos/4.3/). >> >> Following the instructions at: >> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.3.2/rnotes.html#upgrade-from-4-3-1-to-4-3-2 >> >> First problem I notice, that there is no link provided for vhd-utils from >> the last step of the upgrade. >> Where can we get the right vhd-utils as required? >> >> Also no step in upgrade docs is mentioning of the system-vm template upgrade. >> I see Shapeblue provides a link to ?updated? templates: >> http://packages.shapeblue.com/systemvmtemplate/4.3/ >> But i failed to find instructions how to update them. Are they updated when >> updating base RPMs? I doubt it. >> Please direct us, to the correct instructions for updating templates. >> >> Thank you for your help/responses. >> Regards, >> France. >
Re: Upgrading 4.3.1 to 4.3.2 including system templates - quick help please
Seems like this q. is related. Andria, which CS build would/do you use? Which would you personally recommend? I will go with 3.2.2 + patches from shapeblue. Official build: http://cloudstack.apt-get.eu/rhel/4.3/ There also build in Shapeblue’s repo based on 4.3.2 : http://packages.shapeblue.com/cloudstack/upstream/centos/4.3/ And they also provide additionally pached build via: http://packages.shapeblue.com/cloudstack/main/centos/4.3/ Regards, F. On 26 Jun 2015, at 13:01, Andrija Panic wrote: > http://packages.shapeblue.com/tools/ghost-systemvm-upgrader.py is a > shapeblue's stuff, if they are fine - then no problem :) > > But I see inside the script, it's hardcoded to 4.3 and 4.4 vesions, and it > loads templates from shapeblue's repos only > > So again we might go back to the story (not sure what was decided there) of > hosting stuff on apt-get.eu or shapeblue, or both etc... > > Would be nice to have some general decision arround this...and then, yes, > make/update documentation... > > On 26 June 2015 at 12:52, Erik Weber wrote: > >> Edit it and send a piller request :-) >> >> Erik >> >> Den fredag 26. juni 2015 skrev Andrija Panic >> følgende: >> >>> I also used this approach - worked for me. >>> >>> It would be nice if we could put this somewhere in the official docs in >> ACS >>> repo... >>> >>> On 26 June 2015 at 12:35, France > >>> wrote: >>> >>>> OK, I was able to find instructions for upgrading templates: >>>> http://www.shapeblue.com/cloudstack-and-the-ghost-vulnerabilitystack/ >>>> it even has a nice script, which we will try this weekend. >>>> >>>> Also for vhd-utils link, I have found vhd-utils at: >>>> http://download.cloud.com.s3.amazonaws.com/tools/vhd-util >>>> >>>> If these are not correct for CS 4.3.* and XS 6.0.2*, someone please let >>> us >>>> know. >>>> Hopefully this mail will help others upgrade, if they see it. >>>> >>>> Regards, >>>> F. >>>> >>>> On 26 Jun 2015, at 11:40, France > >>> wrote: >>>> >>>>> Anyone? >>>>> >>>>> >>>>> On 24 Jun 2015, at 15:07, France > > >>> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> we got CS 4.3.1 which we will upgrade to 4.3.2 this weekend, using >>> RPMs >>>> from shapeblue ( >>> http://packages.shapeblue.com/cloudstack/main/centos/4.3/ >>>> ). >>>>>> >>>>>> Following the instructions at: >>>>>> >>>> >>> >> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.3.2/rnotes.html#upgrade-from-4-3-1-to-4-3-2 >>>>>> >>>>>> First problem I notice, that there is no link provided for vhd-utils >>>> from the last step of the upgrade. >>>>>> Where can we get the right vhd-utils as required? >>>>>> >>>>>> Also no step in upgrade docs is mentioning of the system-vm template >>>> upgrade. >>>>>> I see Shapeblue provides a link to ?updated? templates: >>>> http://packages.shapeblue.com/systemvmtemplate/4.3/ >>>>>> But i failed to find instructions how to update them. Are they >> updated >>>> when updating base RPMs? I doubt it. >>>>>> Please direct us, to the correct instructions for updating >> templates. >>>>>> >>>>>> Thank you for your help/responses. >>>>>> Regards, >>>>>> France. >>>>> >>>> >>>> >>> >>> >>> -- >>> >>> Andrija Panić >>> >> > > > > -- > > Andrija Panić
http://cloudstack.apt-get.eu/rhel/ seems down for a few hours now
JFYI: http://cloudstack.apt-get.eu/rhel/ seems down for a few hours now
CS 4.3.2 RPM builds have dependencies on i686 glibc?! while 4.3.1 do not.
Hi guys, we are upgrading CS 4.3.1 to 4.3.2 currently. Official repo listed on: https://cloudstack.apache.org/downloads.html which is: http://cloudstack.apt-get.eu/rhel/ is currently down. I was able to find packages on some other mirror: http://mirrors.coreix.net/cloudstack.apt-get.eu/rhel/4.3/ just to test it out. The below description is also true if, using repos from Shapeblue (http://packages.shapeblue.com/cloudstack/main/centos/4.3, http://packages.shapeblue.com/cloudstack/main/centos/4.3/), which are currently working. We will be installing from Shapeblues main repo. After updating whole system, only CS was left. However I see that it wants to pull i686 libraries! It seems to me that there is an error in packaging process or. does CS upgrading from 4.3.1 to 4.3.2 suddenly require i686 glibc to work? [root@mc1 yum.repos.d]# yum clean Loaded plugins: fastestmirror, priorities Error: clean requires an option: headers, packages, metadata, dbcache, plugins, expire-cache, rpmdb, all [root@mc1 yum.repos.d]# yum update Loaded plugins: fastestmirror, priorities Setting up Update Process Loading mirror speeds from cached hostfile * base: mirror.lihnidos.org * epel: mirror.vutbr.cz * extras: mirror.lihnidos.org * updates: mirror.lihnidos.org 118 packages excluded due to repository priority protections Resolving Dependencies --> Running transaction check ---> Package cloudstack-awsapi.x86_64 0:4.3.1-1.el6 will be updated ---> Package cloudstack-awsapi.x86_64 0:4.3.2-1.el6 will be an update ---> Package cloudstack-common.x86_64 0:4.3.1-1.el6 will be updated ---> Package cloudstack-common.x86_64 0:4.3.2-1.el6 will be an update --> Processing Dependency: libc.so.6(GLIBC_2.3) for package: cloudstack-common-4.3.2-1.el6.x86_64 --> Processing Dependency: libuuid.so.1 for package: cloudstack-common-4.3.2-1.el6.x86_64 ---> Package cloudstack-management.x86_64 0:4.3.1-1.el6 will be updated ---> Package cloudstack-management.x86_64 0:4.3.2-1.el6 will be an update ---> Package cloudstack-usage.x86_64 0:4.3.1-1.el6 will be updated ---> Package cloudstack-usage.x86_64 0:4.3.2-1.el6 will be an update --> Running transaction check ---> Package glibc.i686 0:2.12-1.149.el6_6.9 will be installed --> Processing Dependency: libfreebl3.so(NSSRAWHASH_3.12.3) for package: glibc-2.12-1.149.el6_6.9.i686 --> Processing Dependency: libfreebl3.so for package: glibc-2.12-1.149.el6_6.9.i686 ---> Package libuuid.i686 0:2.17.2-12.18.el6 will be installed --> Running transaction check ---> Package nss-softokn-freebl.i686 0:3.14.3-22.el6_6 will be installed --> Finished Dependency Resolution Dependencies Resolved PackageArch VersionRepository Size Updating: cloudstack-awsapi x86_64 4.3.2-1.el6apache-cloudstack 84 M cloudstack-common x86_64 4.3.2-1.el6apache-cloudstack 94 M cloudstack-management x86_64 4.3.2-1.el6apache-cloudstack 75 M cloudstack-usage x86_64 4.3.2-1.el6apache-cloudstack 39 M Installing for dependencies: glibc i686 2.12-1.149.el6_6.9 updates 4.3 M libuuidi686 2.17.2-12.18.el6 base 69 k nss-softokn-freebl i686 3.14.3-22.el6_6updates 157 k Transaction Summary Install 3 Package(s) Upgrade 4 Package(s) Total download size: 296 M Is this ok [y/N]:
Re: http://cloudstack.apt-get.eu/rhel/ seems down for a few hours now
Tnx Wildo, I saw it came back, after we already upgraded to Shapeblues version. Found that mirror also. :-) On 29 Jun 2015, at 08:25, Wido den Hollander wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > On 06/28/2015 08:38 PM, Nux! wrote: >> France, >> >> Works now, at least for me, BTW it is also mirrored here >> http://mirrors.coreix.net/cloudstack.apt-get.eu/ >> > > The VM crashed (I think). I rebooted it when I saw the e-mail, but I > didn't had a chance to respond to the ml. > > Wido > > >> -- Sent from the Delta quadrant using Borg technology! >> >> Nux! www.nux.ro >> >> - Original Message - >>> From: "France" To: >>> dev@cloudstack.apache.org Sent: Sunday, 28 June, 2015 13:24:44 >>> Subject: http://cloudstack.apt-get.eu/rhel/ seems down for a few >>> hours now >> >>> JFYI: http://cloudstack.apt-get.eu/rhel/ seems down for a few >>> hours now > -BEGIN PGP SIGNATURE- > Version: GnuPG v1 > > iQIcBAEBAgAGBQJVkOTrAAoJEAGbWC3bPspCwVgP/RDssP8golBqi71oro6JHPya > mGdwKeMB0uYbGoatzTTORY8xFWFcWj4dMBOu9zkUDt60Kyk7CO2C7LDDbl06wSpn > T6Qg+c63uFaln7kDkrnKhszSMbWmprFITTvaj38zzMfmUKLQZzY0BmLDbg1CRPFJ > 3M75Qxu0Ln9QXDuwGZQYaCegtH3nUAn/2MlYUfZ+LRiPzrwTijwE15C5l64Jg32u > MbqGkiCTh5rjUxiNGa9EdveZx7SAnLFQlzXytjMtOh41Pvq5HaGGSCWGGnZOFIAl > HQXwhQ/oVJ3+uI87Vu7oLhuIiNX53N+60H04JJnT14EVH122jcB8zSfV0cpkzKGZ > ZD2D6t5GtehVUVFKT4YgnZtM3+wvcK3dF+NqvgdIURGivXO5xLs8sem+4FIb5p2a > LcN/AcAN6+veGZt183sgomdnNfk6qu9/GXuP8JPdpgHgPBgADp86IJNDUfn0H8zy > +O/C8XRLts1806fBAhVhUglG+09hISAKQShD5/pHP0RxKlmwJErbtnimUURrC6WX > mybm8ytqE4lEtsrijNFox1rB8QbcYBKqDn70xvGFGSIOWQMmy0rgumT/1++m5mw0 > 30HiHt4sSmR6D2uImepOcmfQbjcV8WO3xIh5wBZaOUQK3rOzKL6zwY6jDbCbMc7r > p92FYV5NsasQ7/ttl57m > =4S2E > -END PGP SIGNATURE-
Re: CS 4.3.2 RPM builds have dependencies on i686 glibc?! while 4.3.1 do not.
Hi Rohit Yadav, I am sending this mail personally to you, while CCin mailing lists with hope someone will address this. I see that this package was build on your internal cloud network (cs4angusnet.local) VM named SBPatch-RPM-Builder and it seems like you actually can get fixes for my bug reports done. Regards, F. On 28 Jun 2015, at 15:43, France wrote: > Hi guys, > > we are upgrading CS 4.3.1 to 4.3.2 currently. > > Official repo listed on: https://cloudstack.apache.org/downloads.html which > is: http://cloudstack.apt-get.eu/rhel/ is currently down. > I was able to find packages on some other mirror: > http://mirrors.coreix.net/cloudstack.apt-get.eu/rhel/4.3/ just to test it out. > The below description is also true if, using repos from Shapeblue > (http://packages.shapeblue.com/cloudstack/main/centos/4.3, > http://packages.shapeblue.com/cloudstack/main/centos/4.3/), which are > currently working. We will be installing from Shapeblues main repo. > > After updating whole system, only CS was left. However I see that it wants to > pull i686 libraries! > It seems to me that there is an error in packaging process or. does CS > upgrading from 4.3.1 to 4.3.2 suddenly require i686 glibc to work? > > [root@mc1 yum.repos.d]# yum clean > Loaded plugins: fastestmirror, priorities > Error: clean requires an option: headers, packages, metadata, dbcache, > plugins, expire-cache, rpmdb, all > [root@mc1 yum.repos.d]# yum update > Loaded plugins: fastestmirror, priorities > Setting up Update Process > Loading mirror speeds from cached hostfile > * base: mirror.lihnidos.org > * epel: mirror.vutbr.cz > * extras: mirror.lihnidos.org > * updates: mirror.lihnidos.org > 118 packages excluded due to repository priority protections > Resolving Dependencies > --> Running transaction check > ---> Package cloudstack-awsapi.x86_64 0:4.3.1-1.el6 will be updated > ---> Package cloudstack-awsapi.x86_64 0:4.3.2-1.el6 will be an update > ---> Package cloudstack-common.x86_64 0:4.3.1-1.el6 will be updated > ---> Package cloudstack-common.x86_64 0:4.3.2-1.el6 will be an update > --> Processing Dependency: libc.so.6(GLIBC_2.3) for package: > cloudstack-common-4.3.2-1.el6.x86_64 > --> Processing Dependency: libuuid.so.1 for package: > cloudstack-common-4.3.2-1.el6.x86_64 > ---> Package cloudstack-management.x86_64 0:4.3.1-1.el6 will be updated > ---> Package cloudstack-management.x86_64 0:4.3.2-1.el6 will be an update > ---> Package cloudstack-usage.x86_64 0:4.3.1-1.el6 will be updated > ---> Package cloudstack-usage.x86_64 0:4.3.2-1.el6 will be an update > --> Running transaction check > ---> Package glibc.i686 0:2.12-1.149.el6_6.9 will be installed > --> Processing Dependency: libfreebl3.so(NSSRAWHASH_3.12.3) for package: > glibc-2.12-1.149.el6_6.9.i686 > --> Processing Dependency: libfreebl3.so for package: > glibc-2.12-1.149.el6_6.9.i686 > ---> Package libuuid.i686 0:2.17.2-12.18.el6 will be installed > --> Running transaction check > ---> Package nss-softokn-freebl.i686 0:3.14.3-22.el6_6 will be installed > --> Finished Dependency Resolution > > Dependencies Resolved > > > PackageArch > VersionRepository > Size > > Updating: > cloudstack-awsapi x86_64 > 4.3.2-1.el6apache-cloudstack > 84 M > cloudstack-common x86_64 > 4.3.2-1.el6apache-cloudstack > 94 M > cloudstack-management x86_64 > 4.3.2-1.el6apache-cloudstack > 75 M > cloudstack-usage x86_64 > 4.3.2-1.el6apache-cloudstack > 39 M > Installing for dependencies: > glibc i686 > 2.12-1.149.el6_6.9
Re: CS 4.3.2 RPM builds have dependencies on i686 glibc?! while 4.3.1 do not.
No, it has not beed fixed AFAIK. This is not an issue per se. It is just a unnecessary dependencies, for i686 architecture. All the packages, no matter which repo, have the same issue, starting from 4.3.2. Seems no one cares, as with all issues I have submitted.The only guy who has ever responded and actually fixed a few, was you. This mail should reach who ever prepared the packages, so he can remove the deps which are not actually needed. All details are still below. Regards, F. On 10 Jul 2015, at 19:43, Rohit Yadav wrote: > France, > > Sorry I missed this email. Was your issue solved? The ACS repo you’re using > is same as upstream 4.3.2 release, including the required. dependencies. > >> On 28-Jun-2015, at 7:13 pm, France wrote: >> >> Hi guys, >> >> we are upgrading CS 4.3.1 to 4.3.2 currently. >> >> Official repo listed on: https://cloudstack.apache.org/downloads.html which >> is: http://cloudstack.apt-get.eu/rhel/ is currently down. >> I was able to find packages on some other mirror: >> http://mirrors.coreix.net/cloudstack.apt-get.eu/rhel/4.3/ just to test it >> out. >> The below description is also true if, using repos from Shapeblue >> (http://packages.shapeblue.com/cloudstack/main/centos/4.3, >> http://packages.shapeblue.com/cloudstack/main/centos/4.3/), which are >> currently working. We will be installing from Shapeblues main repo. >> >> After updating whole system, only CS was left. However I see that it wants >> to pull i686 libraries! >> It seems to me that there is an error in packaging process or. does CS >> upgrading from 4.3.1 to 4.3.2 suddenly require i686 glibc to work? >> >> [root@mc1 yum.repos.d]# yum clean >> Loaded plugins: fastestmirror, priorities >> Error: clean requires an option: headers, packages, metadata, dbcache, >> plugins, expire-cache, rpmdb, all >> [root@mc1 yum.repos.d]# yum update >> Loaded plugins: fastestmirror, priorities >> Setting up Update Process >> Loading mirror speeds from cached hostfile >> * base: mirror.lihnidos.org >> * epel: mirror.vutbr.cz >> * extras: mirror.lihnidos.org >> * updates: mirror.lihnidos.org >> 118 packages excluded due to repository priority protections >> Resolving Dependencies >> --> Running transaction check >> ---> Package cloudstack-awsapi.x86_64 0:4.3.1-1.el6 will be updated >> ---> Package cloudstack-awsapi.x86_64 0:4.3.2-1.el6 will be an update >> ---> Package cloudstack-common.x86_64 0:4.3.1-1.el6 will be updated >> ---> Package cloudstack-common.x86_64 0:4.3.2-1.el6 will be an update >> --> Processing Dependency: libc.so.6(GLIBC_2.3) for package: >> cloudstack-common-4.3.2-1.el6.x86_64 >> --> Processing Dependency: libuuid.so.1 for package: >> cloudstack-common-4.3.2-1.el6.x86_64 >> ---> Package cloudstack-management.x86_64 0:4.3.1-1.el6 will be updated >> ---> Package cloudstack-management.x86_64 0:4.3.2-1.el6 will be an update >> ---> Package cloudstack-usage.x86_64 0:4.3.1-1.el6 will be updated >> ---> Package cloudstack-usage.x86_64 0:4.3.2-1.el6 will be an update >> --> Running transaction check >> ---> Package glibc.i686 0:2.12-1.149.el6_6.9 will be installed >> --> Processing Dependency: libfreebl3.so(NSSRAWHASH_3.12.3) for package: >> glibc-2.12-1.149.el6_6.9.i686 >> --> Processing Dependency: libfreebl3.so for package: >> glibc-2.12-1.149.el6_6.9.i686 >> ---> Package libuuid.i686 0:2.17.2-12.18.el6 will be installed >> --> Running transaction check >> ---> Package nss-softokn-freebl.i686 0:3.14.3-22.el6_6 will be installed >> --> Finished Dependency Resolution >> >> Dependencies Resolved >> >> >> PackageArch >> VersionRepository >> Size >> >> Updating: >> cloudstack-awsapi x86_64 >> 4.3.2-1.el6 >> apache-cloudstack 84 M >> cloudstack-common x86_64 >> 4.3.2-1
