Ask Your Question

Mzoorikh's profile - activity

2017-02-07 07:58:14 -0500 received badge  Nice Answer (source)
2017-01-20 07:50:51 -0500 received badge  Nice Answer (source)
2016-05-15 23:07:40 -0500 received badge  Good Answer (source)
2015-10-29 07:50:18 -0500 received badge  Nice Answer (source)
2015-10-14 12:13:28 -0500 received badge  Nice Answer (source)
2015-09-09 16:28:20 -0500 received badge  Nice Answer (source)
2015-08-19 07:48:07 -0500 received badge  Good Answer (source)
2015-07-23 04:43:45 -0500 received badge  Great Answer (source)
2015-07-23 04:43:45 -0500 received badge  Guru (source)
2015-07-23 00:30:29 -0500 edited answer Why Swift is required in Openstack?

Swift is an object-storage system to store files and large objects on the cloud using simple APIs. Swift converts every files and objects stored on the cloud to the specifil URL(like:, that your application can retrive files using simple http requests. But in order to use swift in your deployment, your running applications must be cloud-ready application(Cloud-ready means the app is written in a way to use cloud APIs specially swift APIs in this case, or atleast use swift file URLs to retrieve files from cloud instead of local storage). Traditional apps, can not leverage facilities provided by swift, becasue they store/retrive files using operating system APIs.

You didn't need swift becasue your applications are legacy apps that store their files and objects on the local attached virtual disk(provided by cinder), using OS file system APIs instead of cloud storage system(Swift). So, you didn't feel the need of swift.

In summery swift can be used in the following ways:

  • Use as Glance backend to store Images(image is considred as object)
  • Store/Retreive files and objects by cloud-ready applications using swift APIs
  • Store/Retrive cloud backup archives

Hope to be useful.

2015-07-11 00:46:42 -0500 commented answer what is the intended use for domain in keystone?

Yes. fine.

2015-07-10 23:52:38 -0500 commented answer what is the intended use for domain in keystone?

No, as the same as when you login as administrator, you have two seperated panels 1- admin panel and 2- project panel. So you can manage your project-scoped resources via project panel and also domain-scoped resources via admin panel. The domain-scoped resources are subset of what superuser see.

2015-07-10 16:08:54 -0500 answered a question what is the intended use for domain in keystone?

Conside the following situation. You are administrator of openstack, and want to define a new company operator with ability to add, remove and controling the access of other users. How can you do this before the emergence of domain concept? You had to add user_crud role to operator, that allows him to have full administrative access to all users and projects defined in keystone but not the subset of those. This is not a good solution and you don't want to give the operator to have full access over all defined users. You want to give access to a subset of users and tenants(projects).

So domain provides an administrative boundries for keystone entities(Project, users, roles, ...). Hope to be helpful.

See this page for more information.

2015-07-10 11:18:57 -0500 commented question Why isn't glance just a part of Nova, since its only service needing it?
2015-04-20 22:45:20 -0500 commented question nova image-list is showing error

The information you provided in your post doesn't make any sense exactly what was going wrong. Please paste error messages in your log files(in /var/log/nova or /var/log/glance directories).

2015-03-05 20:31:48 -0500 received badge  Good Answer (source)
2015-03-03 12:46:08 -0500 answered a question glance error in store configuration

The uploading image capability is disabled in your configuration. See this page for resolution.

2015-02-26 08:05:30 -0500 answered a question what's the difference between "security groups" and "firewall as a services"?

In my experience, Firewall as a service(FWaaS) has control over router ports but security group brings controler over instance ports directly.

Also security group is Backward compatible with Nova security groups (EC2 & existing nova deployments)

See all snapshots here. These are snapshot of FWaaS service, and how it works.

2015-02-16 12:15:22 -0500 commented question How to autoscale down gracefully with heat

Have you ever seen this before? The following page also contains useful information about the heat autoscale up and down: You can google it to find more...

2015-02-16 07:38:29 -0500 received badge  Great Answer (source)
2015-02-15 13:43:11 -0500 answered a question order of resource via stack delete

You can change the order of lines in script. For example you can bring the following lines on top of the script( to be executed before for example nova stop command:

if is_service_enabled cinder; then
2015-02-15 09:18:18 -0500 answered a question What is the difference between Nova metadata service and Heat metadata server?

Metadata service serves instance-specific-data to other services(specially nova and heat). There are two main types of instance-specific data:

  • Instance Metadata: Mainly consumed by compute service(Nova, instances)
  • User data: Mainly consumed by heat(and other cloud aware agents such as cloud-init)

Both heat and nova use metadata service for different purposes, which both are compared side to side in the following:

From Nova point of view

  • Purpose: From this perspective the primary goal of metedata service is to serve instance metadata.
  • Content: Instance metadata that includes but not limmited to:
  • instance-id
  • instance-type
  • kernel-id
  • local-hostname
  • public-hostname
  • ramdisk-id

From Heat Point of view

  • Purpose: Heat can be configured to use matadata service to pass user's data(e.g. instance root password) to the created instance at instance initialization state. Also Heat connect to metadata service in order to get notified about any events(e.g. intstance failure or metadata changes). In more detail, cf-engine monitors the instance metadata and executes hooks when the metadata changes(I don't really know this last feature is implemented or not. I think this is a blueprint).
  • Content: The primary content is User's data that incldues but not limmited to
    • instance root password
    • startup script

Hope to be useful.

2015-02-15 04:34:50 -0500 commented answer Where do I add link to download pre-built image for devstack setup?

Yes, exactly. Add it to your local.conf.

2015-02-14 14:15:16 -0500 answered a question Where do I add link to download pre-built image for devstack setup?

If you want to download images automatically and add to the glance in devstack script, you can use IMAGE_URLS option as the following example shows:

For Fedora image for example:


You can change the url, for your custom image to downlaod.

Hope to be helpful.

2015-02-11 00:25:38 -0500 commented answer Luanch instance:Exceeded max scheduling attempts 3 for instance

Did you launch Cirros image? Cirros is so lightweight image. Test it, to see whether the error message is the same as ubuntu or not.

2015-02-10 09:07:16 -0500 commented answer Luanch instance:Exceeded max scheduling attempts 3 for instance

From "Cannot set up guest memory 'pc.ram'" part of your posted log, it sounds like that you requested to run instance with demanding memory more than what is physically availble. What flavor you selected for your instance to spawn? Reduce the value of memory for your instance. It may fix the issue

2015-02-09 08:23:39 -0500 answered a question Luanch instance:Exceeded max scheduling attempts 3 for instance

In general, "No Valid Host Was Found" error meesage is raised when not enough resources(vCUP, Mem, Storage, ...) are availabe to launch an instance on compute nodes. In other words, nova-scheduler can not find a compute node with enough resources(vcpu, disk, ram,...) to launch instance.

Make sure that your target compute node has enough virtual resources that your instance requested. For further details, check your scheduler(nova-scheduler.log) and nova-api(nova-api.log) log files and put the error messages in your post. Both files are stored at:

2015-02-05 12:49:16 -0500 received badge  Nice Answer (source)
2015-02-05 11:53:18 -0500 answered a question Openstack manual Install and deployment

It depends on your target distribution. The following links are a list of openstack manual installation based on different linux distributions:

2015-02-05 11:38:13 -0500 received badge  Good Answer (source)
2015-02-05 07:51:30 -0500 answered a question Openstack Instance High Availability(How to make pets VM highly available?)


Providing high availability for pets instance is a gap in openstack in which commercial companies doing business accordingly by filling this gap. They work on their openstack-based solution to deliver advanced scheduling and high availability featues.

An important question: Why openstack community does not show any interest to devise a production-proven project in order to address problems of openstack pets instance high availability? The answer is simple. They believe that, in the context of cloud, the applications must be self-recoverable and self-resilient, that can work on unreliable cloud infrastructure in a highly availabile manner.

But about your mentioned solutions. I think the first one is the most strightforward than others, becasue:

  • Heat/HA: No success story of this method I found. And all of the HA related topics in the heat wiki pages are under heavy development and is not stable.
  • Nautron and Allowed Address Pair: As you hitted, this method is best matched to stateless instances and needs extra works to provide pets instance HA.

I found no ready to use implementation of the method #1. But in order to implement it, there are three steps that need to be fulfill when writing watch and react script in this way:

  1. Detecting: Detection of host failure using availabile tools: (1- Nagios OR 2- Pacemaker)
  2. Fencing: Isolating a failed not to protect any execution of same instance on different host and any data corruption in cinder volumes.
  3. Recovering: After detection and fencing, its turn to recovering the failed instances and starting them using nova-evacuate command on the other healthy host(Backup hosts)

The major requirements of this method are as follows:

  • Seting up shared storage using for example gluserFS or cephFS between compute nodes to share /nova/instance directory.
  • Considering two or more compute nodes as backup nodes(which are ready to run failed instances after fail detection)

Hope to be helpful.

2015-02-04 09:49:39 -0500 received badge  Guru (source)
2015-02-04 09:49:39 -0500 received badge  Great Answer (source)
2015-02-01 12:49:09 -0500 received badge  Good Answer (source)
2015-02-01 12:07:55 -0500 received badge  Nice Answer (source)
2015-02-01 12:05:35 -0500 received badge  Nice Answer (source)
2015-01-22 15:27:15 -0500 commented answer What is a Cloud Controller

Yes, Both cinder-api and cinder-scheduler should be installed on the controller node. But cinder-volume can be install on the other node(s) to serve virtual disks. It is also possible to configure your cinder-volume node to use different type of storage backends(e.g. LVM, Gluster, NFS, ...).

2015-01-21 14:33:23 -0500 answered a question 500 server error

Swift service can not authenticate your request via keystone, due to miss-configuration or lack of connectivity to keystone server. Check your swift log to find a clue of what was exactly happened?

Swift Log file:

2015-01-21 14:23:13 -0500 answered a question nova image-list

It sounds like you have not successful installation of python netifaces module. Try the following line, to install netifaces. It may solve the problem:

pip install netifaces