Ask Your Question

everett-toews's profile - activity

2017-03-29 03:32:54 -0500 received badge  Popular Question (source)
2017-03-29 03:32:54 -0500 received badge  Famous Question (source)
2017-03-29 03:32:54 -0500 received badge  Notable Question (source)
2017-03-21 03:53:30 -0500 received badge  Notable Question (source)
2016-02-08 07:06:17 -0500 received badge  Popular Question (source)
2016-01-28 04:50:16 -0500 received badge  Popular Question (source)
2015-06-23 06:08:25 -0500 received badge  Famous Question (source)
2014-11-20 09:20:32 -0500 received badge  Notable Question (source)
2014-11-08 11:53:39 -0500 received badge  Famous Question (source)
2014-09-15 02:26:10 -0500 received badge  Popular Question (source)
2014-09-15 02:26:10 -0500 received badge  Notable Question (source)
2014-08-29 07:50:30 -0500 received badge  Popular Question (source)
2014-07-18 13:31:19 -0500 received badge  Popular Question (source)
2014-07-18 13:31:19 -0500 received badge  Notable Question (source)
2013-02-27 20:58:21 -0500 answered a question How to start programming with keystone and adding my own patch

It's as easy as 1-2-3!

  1. https://wiki.openstack.org/wiki/How_To_Contribute (https://wiki.openstack.org/wiki/How_T...)
  2. https://wiki.openstack.org/wiki/Gerrit_Workflow (https://wiki.openstack.org/wiki/Gerri...)
  3. http://docs.openstack.org/developer/keystone/ (http://docs.openstack.org/developer/k...)

There may be a few sub-steps to those. ;)

Best of luck!

2012-11-05 14:39:06 -0500 answered a question nova-volume api

The nova-volume API is an extension of the Nova API. To see if it's supported by your deployment of OpenStack do

curl -s http://166.78.1.82:8774/v2/71af7f7c547e49219d40e738968cdf07/extensions (http://166.78.1.82:8774/v2/71af7f7c54...) -H "X-Auth-Token: $TOKEN" -H "Content-type: application/json" | python -mjson.tool | grep volume

If it's supported you'll see

"alias": "os-volume-types", "namespace": "http://docs.openstack.org/compute/ext/volume_types/api/v1.1", "alias": "os-volumes", "namespace": "http://docs.openstack.org/compute/ext/volumes/api/v1.1",

This means you can access volumes like so

curl -s http://166.78.1.82:8774/v2/71af7f7c547e49219d40e738968cdf07/os-volumes (http://166.78.1.82:8774/v2/71af7f7c54...) -H "X-Auth-Token: $TOKEN" -H "Content-type: application/json" | python -mjson.tool

Note the v2 in the URL. That's because it's v2 of the Nova API.

If you're working with OpenStack Folsom and you're using the Cinder API then you would do something like

curl -s http://166.78.1.82:8776/v1/71af7f7c547e49219d40e738968cdf07/volumes (http://166.78.1.82:8776/v1/71af7f7c54...) -H "X-Auth-Token: $TOKEN" -H "Content-type: application/json" | python -mjson.tool

Note the port 8776 and v1 in the URL. That's because it's v1 of the Cinder API.

Hope this helps, Everett

On 11/4/12 12:35 PM, "dimas zakky nalendra" question213261@answers.launchpad.net wrote:

New question #213261 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+question/213261 (https://answers.launchpad.net/nova/+q...)

where is the nova-volume api ??

I try using curl -H "X-Auth-Token:b1a1ab453f8140a08cbf8eac753696dc" -H 'Content-type: application/json' http://192.168.1.25:8774/v2/9df7566c066f4ce2b5acbb1aabbf816a/volumes (http://192.168.1.25:8774/v2/9df7566c0...)

and the response is :

<html> <head> <title>404 Not Found</title> </head> <body>

404 Not Found

The resource could not be found.

</body>

in http://api.openstack.org explain that list volume can access with v1/{tenant_id}/volumes

thanks for advice


You received this question notification because you are an answer contact for OpenStack Compute (nova).

2012-07-03 15:00:18 -0500 answered a question Windows instance password generation

Have a look at the work Jordan did for setting the password via UserData at

https://github.com/jordanrinke/openstack

Everett

2012-05-14 17:24:47 -0500 answered a question Packages for ubuntu 10.4 (Lucid)

As far as I know 10.04 is not supported. Your best bet is to move to 12.04 it will be supported, see https://wiki.ubuntu.com/ServerTeam/CloudArchive (https://wiki.ubuntu.com/ServerTeam/Cl...)

2011-12-13 21:13:14 -0500 answered a question SimpleScheduler & SqlAlchemy changes not being applied

Don't forget to add your new functions to nova/db/api.py as well.

Everett

On Tue, Dec 13, 2011 at 1:25 PM, Alejandro Comisario < question181803@answers.launchpad.net > wrote:

New question #181803 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+question/181803 (https://answers.launchpad.net/nova/+q...)

Hey guys, we are making some changes on the "nova\db\sqlalchemy\api.py" and added a function to make a query to sort hosts by free ram.

After that, we modified '"nova\scheduler\simple.py" to call out brand new function, instead of the old one "service_get_all_compute_sorted" changed for "service_get_all_compute_sorted_MB"

We also added some LOGS to the nova.scheduler.manager to log the new calls, but when we restart :

CONTROLLER: nova-network , nova-scheduler, nova-api COMPUTES: libvirt-bin , nova-compute

I dont see, not only the logs, but any attempt to call out new functions, we also tried to delete all the *.pyc from the libs directory.

So, what are we missing ???


You received this question notification because you are an answer contact for OpenStack Compute (nova).

2011-12-05 17:56:00 -0500 answered a question Quota for accounts

What's the best way to get this added as a feature request? Should I open a bug? Should I create a blueprint?

I know this isn't a high priority for big service providers but there is a need for it in the private cloud area. There was also more interest in this feature from https://answers.launchpad.net/swift/+question/175056 (https://answers.launchpad.net/swift/+...)

Thanks, Everett

2011-12-05 17:28:13 -0500 answered a question How to export a snapshot to another cloud?

We wrote a script that does this. Have a look at

https://github.com/canarie/dair/blob/master/OpenStack/glance/glance-transfer-images.py (https://github.com/canarie/dair/blob/...)

Note that this was written against the Cactus version of Glance.

Everett

On Fri, Dec 2, 2011 at 9:25 AM, Michael Hempel < question180737@answers.launchpad.net > wrote:

New question #180737 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+question/180737 (https://answers.launchpad.net/nova/+q...)

Hi, I've created a snapshot of a configured CentOS6 imageon my test-install and want to move it to another cloud. Then I located the image file on the disk and copied it over. I added it to glance with:

glance add -A * name="haproxy-centos6" is_public=true container_format=ami disk_format=ami kernel_id=3 ramdisk_id=4< haproxy-centos6.img

using the same initram and kernel from the clean centos. When I spin it up, it switches to active, but I can't connect to it. The standard centos starts up without problems. Should I add it as raw-image? Regards, Michael


You received this question notification because you are an answer contact for OpenStack Compute (nova).

2011-10-31 17:28:13 -0500 answered a question Unable to get vnc console for instance

In your devstack screen session (that you should be able to attach to using "screen -x") do you see any errors in any of the screens?

In particular in the g-api (glance-api) screen?

Everett

2011-10-31 17:09:45 -0500 answered a question noVNC support for Google Chrome 14+

Finally had a chance to try this out with devstack using the latest nova-wsproxy and it looks like it's working in:

Chrome 15 Firefox 7 Safari 5.1

Thanks.

2011-10-20 15:05:53 -0500 answered a question Network traffic with multiple compute nodes

For this you will need the new high availability option in nova-network in Diablo.

http://docs.openstack.org/diablo/openstack-compute/admin/content/existing-ha-networking-options.html (http://docs.openstack.org/diablo/open...) http://unchainyourbrain.com/openstack/13-networking-in-nova (http://unchainyourbrain.com/openstack...)

We haven't implemented this ourselves so I won't be able to help you with any of the details but hopefully that will get you started.

Everett

On Thu, Oct 20, 2011 at 3:40 AM, Sudhir < question175406@answers.launchpad.net > wrote:

New question #175406 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+question/175406 (https://answers.launchpad.net/nova/+q...)

Hi All,

I guess when we have all in one openstack controller with more than one compute nodes with flat dhcp as the networking all the network traffic in & out of the compute nodes into the instances happens through the nova-network interface(192.168.3.1).

When we have hundreds of instances running then the NIC on the nova controller becomes a bottleneck, is there a way instead of passing through the controller all of the traffic to instances happens directly from compute nodes.

C:\test1>tracert 10.144.201.215 Tracing route to http://in01filer04.internal.xyz.com [10.144.201.215] over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.3.1 2 <1 ms <1 ms <1 ms indc-c6500-4.internal.xyz.com[10.144.199.254] 3 <1 ms <1 ms <1 ms http://indc-c6500-1-int1-2.internal.xyz.com [10.144.193.5] 4 <1 ms <1 ms <1 ms http://indc-c6500-5-int6-1.internal.xyz.com [10.144.193.10] 5 <1 ms <1 ms <1 ms http://in01filer04.internal.xyz.com [10.144.201.215] Trace complete.

Thanks, Sudhir


You received this question notification because you are an answer contact for OpenStack Compute (nova).

2011-10-14 15:22:46 -0500 answered a question nova-vncproxy with SSL

I haven't tried it with nova-vncproxy but I used stunnel for SSL with nova-api and it worked pretty well. Might be something to try out.

Everett

On Thu, Oct 13, 2011 at 10:50 AM, David Thomas < question174165@answers.launchpad.net > wrote:

New question #174165 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+question/174165 (https://answers.launchpad.net/nova/+q...)

Is there a way to configure the nova-vncproxy service to use SSL for the port it listens on (e.g. 6080)? If not, has anyone attempted to modify the service to work over SSL?

Thanks for any help.


You received this question notification because you are an answer contact for OpenStack Compute (nova).

2011-09-30 19:16:22 -0500 answered a question noVNC support for Google Chrome 14+

I'm hoping to have some time to look at this during the summit or the week after.

Everett

2011-09-22 23:04:52 -0500 asked a question noVNC support for Google Chrome 14+

Hi All,

We're using nova-vncproxy and noVNC ( https://github.com/openstack/noVNC ) and it recently (within the past week) stopped working for us. Also within the past week Google Chrome updated to version 14. No coincidence.

After a lot of trial and error we found that only Safari 5.1 on both the Mac and Windows was still working. Chrome is no longer working. Can anyone confirm this?

Does https://github.com/openstack/noVNC need to pull updates from https://github.com/kanaka/noVNC to improve browser compatibility?

According to https://github.com/kanaka/noVNC/wiki/Browser-support (https://github.com/kanaka/noVNC/wiki/...)

"In general noVNC works on any browser with Canvas and WebSockets support (either native or via web-socket-js) which is just about everything except IE 8 and lower. However, noVNC works best and is fastest in Chrome (any version) and Firefox 4 (with native WebSockets manually enabled, see note 4)."

However the tables below that quote seem to be pretty outdated.

Anyway, I'm not sure if the Dashboard project is the best place to ask the question/make this request. If this is more appropriate for the Nova project, I'll move over there.

Thanks, Everett

2011-08-29 16:35:42 -0500 answered a question euca-attach-volume issue

Have you enabled iSCSI target on the machine running nova-volume?

echo "ISCSITARGET_ENABLE=true" > /etc/default/iscsitarget /etc/init.d/iscsitarget restart

You might also need to set the --iscsi_ip_prefix flag, see http://docs.openstack.org/cactus/openstack-compute/admin/content/reference-for-flags-in-nova-conf.html (http://docs.openstack.org/cactus/open...)

Sounds like you already have the nova-volumes volume group setup. There's more info at,

http://docs.openstack.org/cactus/openstack-compute/admin/content/managing-volumes.html (http://docs.openstack.org/cactus/open...)

Everett

On Sun, Aug 28, 2011 at 12:15 AM, Sudhir < question169359@answers.launchpad.net > wrote:

New question #169359 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+question/169359 (https://answers.launchpad.net/nova/+q...)

Following is my setup :

root@in01emt16:~# euca-describe-availability-zones verbose AVAILABILITYZONE nova available AVAILABILITYZONE |- in01emt16 AVAILABILITYZONE | |- nova-scheduler enabled :-) 2011-08-28 06:06:18 AVAILABILITYZONE | |- nova-network enabled :-) 2011-08-28 06:06:19 AVAILABILITYZONE | |- nova-volume enabled :-) 2011-08-28 06:06:18 AVAILABILITYZONE |- in01emt17 AVAILABILITYZONE | |- nova-compute enabled :-) 2011-08-28 06:06:22

Firewall is disabled on both nodes :

root@in01emt16:~# ufw status Status: inactive

root@in01emt17:~# ufw status Status: inactive

cat /etc/hosts 127.0.0.1 localhost 192.168.3.1 http://in01emt16.synopsys.com in01emt16 192.168.3.2 http://in01emt17.synopsys.com in01emt17

root@in01emt16:~# euca-describe-instances RESERVATION r-6aui4s55 proj default INSTANCE i-0000000c ami-00000002 192.168.3.3 192.168.3.3 running None (proj, in01emt17) 0 m1.small 2011-08-28T05:55:56Z nova

root@in01emt16:~# cat /etc/nova/nova.conf --dhcpbridge_flagfile=/etc/nova/nova.conf --dhcpbridge=/usr/bin/nova-dhcpbridge --logdir=/var/log/nova --state_path=/var/lib/nova --lock_path=/var/lock/nova --verbose=1 --s3_host=10.144.199.85 --rabbit_host=192.168.3.1 --cc_host=192.168.3.1 --fixed_range=192.168.0.0/16 --network_size=8 --ec2_url=http://10.144.199.85:8773/services/Cloud --FAKE_subdomain=ec2 --routing_source_ip=192.168.3.1 --sql_connection=mysql://root:nova@10.144.199.85/nova --glance_host=192.168.3.1 --image_service=nova.image.glance.GlanceImageService --iscsi_ip_prefix=193.168.3 --network_manager=nova.network.manager.FlatDHCPManager --flat_interface=eth1 --flat_injected=False --public_interface=eth0 --flat_network_dhcp_start=192.168.3.3 --volume_manager=nova.volume.manager.VolumeManager --volume_topic=volume

root@in01emt16:~# euca-describe-volumes VOLUME vol-00000005 3 nova available (proj, in01emt16, None, None) 2011-08-27T16:45:44Z VOLUME vol-00000006 1 nova available (proj, in01emt16, None, None) 2011-08-28T05:55:41Z

When I attach a volume from controller to instance there is no error :

euca-attach-volume -i i-0000000c -d /dev/vdc vol-00000006 VOLUME vol-00000006

but in nova-compute.log I see following error due to which the volume doesn't attach to instance :

2011-08-28 11:32:35,414 DEBUG nova.rpc [-] received {u'_context_request_id': u'-VG5KGCH-AUHXCY9J-LT', u'_context_read_deleted': False, u'args': {u'instance_id': 12, u'mountpoint': u'/dev/vdc', u'volume_id': 6}, u'_context_is_admin': True, u'_context_timestamp': u'2011-08-28T06:02:35Z', u'_context_user': u'novaadmin', u'method': u'attach_volume', u'_context_project': u'proj', u'_context_remote_address': u'10.144.199.85'} from (pid=1263) _receive /usr/lib/pymodules/python2.7/nova/rpc.py:167 2011-08-28 11:32:35,414 DEBUG nova.rpc [-] unpacked context: {'timestamp': u'2011-08-28T06:02:35Z', 'remote_address': u'10 ...

(more)
2011-08-25 20:45:57 -0500 answered a question Security group no effect in r1215

The root of this problem is actually because all traffic appears to be coming from the default gateway of the VM, see Determining remote IP from within VM [https://answers.launchpad.net/nova/+question/168570].

The solution to that problem fixed this problem as well.

2011-08-25 20:45:26 -0500 answered a question Determining remote IP from within VM

Turns out (for us) this was a symptom of an overzealous NAT rule in iptables. We're hiding all of our compute nodes behind our management node (aka cloud controller) on a private network and need to do NAT so our compute nodes can get updates and the like from the Internet.

These are the rules we used.

iptables -A FORWARD -i eth0 -o eth1 -s 192.168.2.0/24 -m conntrack --ctstate NEW -j ACCEPT iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A POSTROUTING -t nat -j MASQUERADE

However if you look at the MASQUERADE rule the last command creates.

root@dair-ua-v01:~# iptables -t nat -L -n -v | grep MASQ 5071 700K MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0

Covers all IPs including the VMs. A more sensible MASQUERADE rule is

iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j MASQUERADE

Which only covers NATing for the compute nodes. Once that rule was in place traffic from the outside world showed up with the proper IP address.

2011-08-19 16:42:43 -0500 asked a question Determining remote IP from within VM

Hi,

When you're inside a VM (KVM in our case) with a floating IP and you receive a connection from a remote machine it always appears as though the IP address is the default gateway of the VM regardless of where the connection is coming from.

For example.

A VM is launched and is given a floating IP.

i-000004f7 28.7.4.29 10.0.4.3

You ssh to that VM from a completely different network with a machine with the IP 44.22.66.99.

On the VM you run tcpdump.

root@i-000004f7:~# tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 16:14:51.076673 IP i-000004f7.novalocal.ssh > 10.0.4.1.50114 16:14:51.077239 IP i-000004f7.novalocal.56502 > 10.0.4.1.domain: 53009+ PTR? 1.4.0.10.in-addr.arpa. (39) 16:14:51.077667 IP 10.0.4.1.50114 > i-000004f7.novalocal.ssh 16:14:51.083420 IP 10.0.4.1.domain > i-000004f7.novalocal.56502: 53009 NXDomain* 0/0/0 (39) 16:14:51.083565 IP i-000004f7.novalocal.48465 > 10.0.4.1.domain: 26532+ PTR? 3.4.0.10.in-addr.arpa. (39) 16:14:51.083942 IP 10.0.4.1.domain > i-000004f7.novalocal.48465: 26532* 1/0/0 PTR i-000004f7.novalocal. (73) 16:14:51.086649 IP i-000004f7.novalocal.ssh > 10.0.4.1.50114 16:14:51.087937 IP 10.0.4.1.50114 > i-000004f7.novalocal.ssh 16:14:51.096715 IP i-000004f7.novalocal.ssh > 10.0.4.1.50114 16:14:51.097941 IP 10.0.4.1.50114 > i-000004f7.novalocal.ssh

tcpdump is showing the ssh connection you've made from 44.22.66.99. So even though you're connecting from 44.22.66.99 the remote address appears to be 10.0.4.1.

Is there a way with OpenStack to determine the remote IP address from within the VM (in Cactus or a future release)?

If not, could it be done manually such that it wouldn't interfere with the iptables rules that OpenStack creates?

BTW, we're using OpenStack Cactus and VLANManager.

Thanks, Everett

2011-08-18 19:21:42 -0500 answered a question Security group no effect in r1215

@soren

Did you have a chance to look at this? Any thoughts?

Thanks, Everett

On Wed, Aug 17, 2011 at 2:05 PM, Soren Hansen < question163006@answers.launchpad.net > wrote:

Question #163006 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+question/163006 (https://answers.launchpad.net/nova/+q...)

Status: Needs information => Answered

Soren Hansen proposed the following answer: Can either of you provide the output of "sudo iptables-save"?


You received this question notification because you are a direct subscriber of the question.

2011-08-17 20:48:57 -0500 answered a question Security group no effect in r1215

I see that the description of allow_same_net_traffic is

"Whether to allow network traffic from same network"

So, even though we're using Cactus, do you think this flag would help?

I'm accessing the instance from my local machine, which is on a completely different network anyway.

Everett

On Wed, Aug 17, 2011 at 2:25 PM, Vish Ishaya < question163006@answers.launchpad.net > wrote:

Question #163006 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+question/163006 (https://answers.launchpad.net/nova/+q...)

Vish Ishaya proposed the following answer: With current trunk, try --noallow_same_net_traffic

Vish

On Aug 17, 2011, at 12:55 PM, Everett Toews wrote:

Question #163006 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+question/163006 (https://answers.launchpad.net/nova/+q...)

Status: Open => Needs information

Everett Toews requested more information: Hi Hugo,

We've actually run into the same problem. Did you ever track down the cause?

When I examine the iptables on the compute node everything seems to be in place but you can still access services from a local machine on ports that are not authorized.

Everett


You received this question notification because you are a member of Nova Core, which is an answer contact for OpenStack Compute (nova).


You received this question notification because you are a direct subscriber of the question.

2011-08-17 20:29:41 -0500 answered a question Security group no effect in r1215

http://pastie.org/2387712

The instance in question is nova-compute-inst-1271.

euca-describe-groups GROUP toews default default PERMISSION toews default ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0 PERMISSION toews default ALLOWS tcp 80 80 FROM CIDR 0.0.0.0/0 PERMISSION toews default ALLOWS icmp -1 -1 FROM CIDR 0.0.0.0/0 PERMISSION toews default ALLOWS tcp 3389 3389 FROM CIDR 0.0.0.0/0 PERMISSION toews default ALLOWS udp 3389 3389 FROM CIDR 0.0.0.0/0

Steps:

  1. Run instance and associate floating IP
  2. ssh to instance
  3. Add port 200 and tcp to the /etc/services file on the instance.
  4. sudo nc -l 200
  5. From local machine: telnet <floating ip=""> 200

A connection is made to the instance on port 200 from my local machine. Anything typed into the telnet session appears on the instance.

Everett

On Wed, Aug 17, 2011 at 2:05 PM, Soren Hansen < question163006@answers.launchpad.net > wrote:

Question #163006 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+question/163006 (https://answers.launchpad.net/nova/+q...)

Status: Needs information => Answered

Soren Hansen proposed the following answer: Can either of you provide the output of "sudo iptables-save"?


You received this question notification because you are a direct subscriber of the question.

2011-08-17 19:55:39 -0500 answered a question Security group no effect in r1215

Hi Hugo,

We've actually run into the same problem. Did you ever track down the cause?

When I examine the iptables on the compute node everything seems to be in place but you can still access services from a local machine on ports that are not authorized.

Everett

2011-08-15 20:54:39 -0500 answered a question glance does not work when working with swift

Perhaps you're running into this bug?

https://bugs.launchpad.net/glance/+bug/771849 (https://bugs.launchpad.net/glance/+bu...)

Everett

On Wed, Aug 10, 2011 at 3:06 AM, Guangya Liu < question167442@answers.launchpad.net > wrote:

Question #167442 on OpenStack Object Storage (swift) changed: https://answers.launchpad.net/swift/+question/167442 (https://answers.launchpad.net/swift/+...)

Guangya Liu gave more information on the question: Even if I set "swift_store_auth_address = https://172.17.1.125:443/auth/v1.0/%22 (https://172.17.1.125:443/auth/v1.0/") still does not work.


You received this question notification because you are an answer contact for OpenStack Object Storage (swift).

2011-08-09 05:25:46 -0500 answered a question Using zones in Cactus

Thanks Sandy Walsh, that solved my question.

2011-08-09 01:34:42 -0500 answered a question Using zones in Cactus

Found the problem. I was actually running the child zones in VMs in the parent zone just to try all of this stuff out. I had forgotten to authorize the port 8774. Once that was done the parent zone could communicate with the child zones.

However, even though the parent and child zones can communicate I'm still unable to start VMs in the child zones. I think this is because Cactus doesn't have a Scheduler based on ZoneAwareScheduler. I tried using the ZoneScheduler but that scheduler only knows about Availability Zones. The overloaded use of the word zone can be confusing (especially if you throw in Swift's meaning as well).

Unfortunately I'm unable to use trunk or even any of the Diablo milestones, we'll have to wait until the Diablo release to try all of the new stuff for zones. I don't mind setting this aside until the Diablo release but I think my questions are still relevant.

  1. Is Cactus release able to schedule instances to child zones?
  2. Do I need to explicitly add the parent zone? I would think that the act of adding a zone to another zone makes it a parent.
  3. How are users/projects sync'd across zones? If zones share nothing, how are the child zones aware of users/project? Do users/project even matter to child zones?
  4. Is there any config that needs to be done on the compute nodes in a zone?

I think something that would also really help would be to include a concrete example of configuring a parent and child zone in the documentation at http://nova.openstack.org/devref/zone.html (http://nova.openstack.org/devref/zone...) . Kind of a 1-2-3 guide to the basic setup of a parent and child zone. Something that would be essential in such a guide would be clearly defining all flags that are relevant to zones and exactly which flags are for which services.

2011-08-08 08:19:28 -0500 asked a question Using zones in Cactus

Hi All,

I'm attempting to use zones in Cactus but haven't been able to get the configuration quite right. The setup I'm attempting is 1 parent zone with 2 child zones.

Here's my relevant config:

Parent zone nova.conf

--scheduler_driver=nova.scheduler.zone.ZoneScheduler --allow_admin_api=true --enable_zone_routing=true

Child zone 1 nova.conf

--scheduler_driver=nova.scheduler.simple.SimpleScheduler --allow_admin_api=true --zone_name=nova1

Child zone 2 nova.conf

--scheduler_driver=nova.scheduler.simple.SimpleScheduler --allow_admin_api=true --zone_name=nova2

On the node of the parent zone I do:

nova zone-add http://xxx.xxx.xxx.xxx:8774/v1.0/ nova1-admin 5c966a51-89f2-47c9-9d87-5d950ce8f492 nova zone-add http://xxx.xxx.xxx.yyy:8774/v1.0/ nova2-admin 67966a51-89f3-47c9-9d87-5d951ce8f434

After waiting a couple of minutes I do a "nova zone-list" and get the output:

+----+------+-----------+--------------+---------------------------------+ | ID | Name | Is Active | Capabilities | API URL | +----+------+-----------+--------------+---------------------------------+ | 1 | None | True | None | http://xxx.xxx.xxx.xxx:8774/v1.0/ | | 2 | None | True | None | http://xxx.xxx.xxx.yyy:8774/v1.0/ | +----+------+-----------+--------------+---------------------------------+

After another few minutes the Is Active field changes to False for both of them.

My questions are:

  1. What am I doing wrong? Is there any config I'm missing?
  2. Do I need to explicitly add the parent zone? I would think that the act of adding a zone to another zone makes it a parent.
  3. How are users/projects sync'd across zones? If zones share nothing, how are the child zones aware of users/project? Do users/project even matter to child zones?
  4. Is there any config that needs to be done on the compute nodes of a zone?

Thanks, Everett

2011-08-02 10:45:56 -0500 answered a question nova-manage project zipfile ... creates a novarc that is at odds with my nova.conf

That really shouldn't happen. If your s3_host and ec3_url are ...60 in nova.conf then the EC2_URL and S3_URL should be the same in your novarc.

If you changed your nova.conf file, you need to make sure you restart all of your nova-* services AND regenerate your novarc with the "nova-manage project zipfile ..." command.

Everett

On Fri, Jul 29, 2011 at 5:41 PM, Patrick Pushor < question166414@answers.launchpad.net > wrote:

New question #166414 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+question/166414 (https://answers.launchpad.net/nova/+q...)

My novarc has the following line in it, among other things. This was generated on the nova controller node:

export EC2_URL="http://172.16.1.61:8773/services/Cloud" export S3_URL="http://172.16.1.61:3333"

Yet my nova.conf on the same node has:

--s3_host=172.16.1.60 --ec2_url=http://172.16.1.60:8773/services/Cloud

My concern is when I go to register images using "uec-publish-tarball $image [bucket-name] [hardware-arch]" I want them to wind up on the compute node - or do I? Maybe that is an incorrect assumption.

Thank you!


You received this question notification because you are an answer contact for OpenStack Compute (nova).

2011-06-28 21:50:21 -0500 answered a question Startup problems with a compute node in a multi-node cluster

I've found that anytime you see "Unknown column" problems in your logs you've got mismatched version problems.

Confirm that you're running the same version of Nova on both nodes.

dpkg -l 'nova'

Everett

On Tue, Jun 28, 2011 at 3:41 PM, Davor Cubranic < question163082@answers.launchpad.net > wrote:

Question #163082 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+question/163082 (https://answers.launchpad.net/nova/+q...)

Davor Cubranic gave more information on the question: Information about my setup:

  • each host has two NICs: one on the private management subnet (192.168.11.x), and another on the public internet
  • FlatDHCPManager
  • guest instances run on a virtual network 10.0.0.0/12, starting at 10.0.1.2
  • nova1 is the network controller and has an address on the guest network: 10.0.1.1

You received this question notification because you are an answer contact for OpenStack Compute (nova).

2011-06-20 22:11:36 -0500 answered a question Making an image private to a project with euca-modify-image-attribute

Thanks Vish Ishaya, that solved my question.

2011-06-20 22:11:29 -0500 answered a question Making an image private to a project with euca-modify-image-attribute

I tried out the fix in the bug you linked to this Vish and it worked.

Thanks!

https://bugs.launchpad.net/nova/+bug/798998 (https://bugs.launchpad.net/nova/+bug/...)

2011-06-19 03:35:44 -0500 answered a question Quota for accounts

Thanks gholt, that solved my question.

2011-06-17 21:54:45 -0500 answered a question Making an image private to a project with euca-modify-image-attribute

BTW, we're using Glance as our image registry.

Everett

2011-06-17 21:47:05 -0500 asked a question Making an image private to a project with euca-modify-image-attribute

Hi All,

I'd like to make an image private to a project with euca-modify-image-attribute. Here's what I've tried so far (project name=toews, project user=toews-admin).

root@i-0000044a:/tmp# euca-describe-image-attribute -l ami-00000038 launchPermission ami-00000038 group all

root@i-0000044a:/tmp# euca-modify-image-attribute -l -a 42:toews ami-00000038 ApiError: ApiError: user or group not specified

root@i-0000044a:/tmp# euca-modify-image-attribute -l -a toews ami-00000038 ApiError: ApiError: user or group not specified

root@i-0000044a:/tmp# euca-modify-image-attribute -l -a toews-admin ami-00000038 ApiError: ApiError: user or group not specified

root@i-0000044a:/tmp# euca-modify-image-attribute -l -a 42 ami-00000038 ApiError: ApiError: user or group not specified

root@i-0000044a:/tmp# euca-modify-image-attribute -l -r all ami-00000038 IMAGE ami-00000038

root@i-0000044a:/tmp# euca-describe-images IMAGE aki-00000007 ubuntu-10-10-server/maverick-server-uec-amd64-vmlinuz-virtual.manifest.xml available public i386 kernel
IMAGE ami-00000008 ubuntu-10-10-server/maverick-server-uec-amd64.img.manifest.xml available public i386 machine aki-00000007

root@i-0000044a:/tmp#

As you can see any attempt to modify the launch permissions by adding some combination of project user/project name/userid all result in an ApiError. If I remove the all group then the image disappears completely!

Is it possible to make an image private to a project with euca-modify-image-attribute? Any ideas as to how?

Thanks, Everett

2011-06-16 21:24:49 -0500 asked a question Quota for accounts

Is it possible to configure a quota for individual accounts/users? How about across all accounts/users?

Thanks, Everett

2011-06-10 16:23:15 -0500 answered a question Is it possible to switch to another DBMS instead of SQLite?

Thanks John Dickinson, that solved my question.

2011-06-10 15:37:27 -0500 asked a question Is it possible to switch to another DBMS instead of SQLite?

I'm pretty sure the answer is no but I wanted to ask.

If we wanted to use another DBMS instead of SQLite for the Account DB and Container DB (and any other DBs), is that possible with some easy config?

Thanks, Everett

2011-06-10 14:32:55 -0500 answered a question 169.254.169.254 is driven me insane

Great to hear that you solved it. Can you include your solution please?

Everett

On Thu, Jun 9, 2011 at 4:55 PM, Melicloud < question159317@answers.launchpad.net > wrote:

Question #159317 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+question/159317 (https://answers.launchpad.net/nova/+q...)

Status: Open => Solved

Melicloud confirmed that the question is solved: Solved already !


You received this question notification because you are an answer contact for OpenStack Compute (nova).