Friday, 2011-06-03

*** jeffjapan has joined #openstack		00:03
*** lborda has quit IRC		00:03
*** asdfqwer has joined #openstack		00:03
*** deshantm_away is now known as deshantm		00:05
*** pguth66 has quit IRC		00:07
*** pguth66 has joined #openstack		00:08
asdfqwer	does openstack cross over into a lot of the responsibility of the hypervisor	00:10
asdfqwer	given glance and storage management	00:10
WormMan	in my opinion(very new to openstack), not really, at least for KVM and Xen. It's more of a wrapper	00:11
asdfqwer	i mean, i'm reading through the docs and openstack asserts it requires a hypervisor but is the responsiblity of say something like xen of openstack is interfacing with it	00:12
asdfqwer	ya	00:12
WormMan	it just tells the hypervisor what to do, where the storage lives... you'd do the same with xm/libvirt	00:12
asdfqwer	looks like it just makes deployment easier as well	00:12
asdfqwer	but look at this	00:13
asdfqwer	http://wiki.openstack.org/XenServerDevelopment	00:13
asdfqwer	http://wiki.openstack.org/XenServerDevelopment#Instance_Management	00:13
asdfqwer	preparing images for openstack versus xen is totally different	00:13
WormMan	yea, XenServer(and VMWare) I expect are a bit of a different animal	00:13
WormMan	remember, XenServer is much more of a complete virtualization solution like VMWare than a thin hypervisor like Xen or KVM	00:14
asdfqwer	the intergration is somewhat confusing though	00:15
WormMan	yea, I read that page, my brain hurt	00:15
asdfqwer	especially for hypervisor, I mean it's like you opt out of configuration and delegate it for openstack	00:15
WormMan	luckily, we aren't going to be paying for XenServer here :)	00:16
*** dendrobates is now known as dendro-afk		00:16
asdfqwer	Xen looks like it's still better at handling networking, dns, IPs, etc.	00:16
*** lborda has joined #openstack		00:17
asdfqwer	thing is i work in a datacenter	00:17
asdfqwer	i'm not our admin but a developer	00:17
WormMan	it really depends on what you want... as always	00:17
WormMan	I work for a 'hosting company' and we have clients who want a nice API drivable provisioning solution, so we're looking hard at openstack	00:18
asdfqwer	well, we have like 6 shared web hosts, 3 sql servers, dns server, and a few dedicated hosts	00:18
asdfqwer	all running on windows ._.	00:18
WormMan	(they want to move from a public cloud to a semi-private cloud...)	00:18
WormMan	we have about 3000... I think, none running windows :)	00:19
WormMan	(except at corporate, but those don't count)	00:19
*** lborda has quit IRC		00:19
asdfqwer	not to mention all the ColdFusion applications they host	00:19
asdfqwer	I don't see running a bunch of Windows guests as VMs on CF turning out well	00:19
WormMan	depends on what problem you're trying to solve	00:20
asdfqwer	mostly maintence and down time	00:20
asdfqwer	not to mention flexibility	00:20
*** mgius is now known as mgius-away		00:20
WormMan	if you want isolation, and they don't have huge performance needs, it's probably fine.	00:20
*** joearnold has quit IRC		00:21
WormMan	but, I don't think openstack is likely the right answer(but maybe that's me)	00:21
*** CK483 has quit IRC		00:21
WormMan	something more of a VMWare or XenServer, non-cloud thing may work better	00:21
asdfqwer	yeah but they cheap	00:21
WormMan	heh	00:21
WormMan	well, you can try some of the other front-ends for Xen(or KVM)	00:21
asdfqwer	I mean, if we get a 2-3 shared hosts up and running	00:22
asdfqwer	the problem is migration	00:22
asdfqwer	how are you storing images and what format?	00:22
WormMan	yea, openstack doesn't do that well yet(at all?) KVM can, but I don't know about what friendly tools there are	00:22
asdfqwer	XenServer prefers VDI	00:23
WormMan	we're testing with raw disk, I have no idea what our clients will want to give us	00:23
WormMan	probably something compatible with amazon	00:23
asdfqwer	KVM simple enough?	00:24
WormMan	I personally use KVM to host one windows VM at home, but I have no idea in an enterprise situation	00:25
asdfqwer	is it typical to run hypervisor and openstack (compute) on same machine	00:25
asdfqwer	ya	00:25
WormMan	the nova-compute does run on the hypervisored systems, it manages the hypervisor	00:26
asdfqwer	okay	00:26
asdfqwer	glance and storage are more or less extensions	00:26
asdfqwer	things that can be handled by hypervisor?	00:26
WormMan	and can run on other systems	00:26
WormMan	glance I believe is required, swift is not	00:26
*** _vinay has quit IRC		00:27
asdfqwer	WormMan, looks like compute can manage images	00:31
asdfqwer	>There are two methods for managing images. Images can be served through the OpenStack Image Service, a project that is named Glance, or use the nova-objectstore service.	00:31
WormMan	ahh, I've not looked at it	00:32
WormMan	I spent today benchmarking hypervisors :)	00:32
asdfqwer	doesn't sound like fun	00:32
WormMan	necessary evil	00:32
asdfqwer	i take that back	00:32
asdfqwer	what sort of tests?	00:33
WormMan	the not-fun part was trying to actually make Xen 4.1 work	00:33
*** obino has quit IRC		00:34
WormMan	lmbench for CPU and syscall and memory; iperf for network, and now bonnie++ or iozone for disk	00:34
WormMan	(running on an ubuntu guest)	00:34
asdfqwer	yeah i'm trying to convince co-workers to avoid xen as much as possible, esp. given the fact they think they can integrate it into openstack w/o a hitch	00:34
*** obino has joined #openstack		00:35
WormMan	Xen has definite advantages, it's more mature, and IO definitely seems faster(Network and Disk) which is a high priority for our clients	00:35
WormMan	now, getting it to run is a different story :)	00:35
WormMan	(I've not even looked at the openstack part yet)	00:36
asdfqwer	what version?	00:40
asdfqwer	it's funny cause XenServer 5.6 and XCP 1.0 are using the exact same admin guide	00:41
asdfqwer	http://docs.vmd.citrix.com/XenServer/5.6.0fp1/1.0/en_gb/reference.html and http://www.xen.org/files/XenCloud/reference.pdf	00:41
WormMan	Xen 4.1(compliled from source, hooked to a hand compiled 2.6.32.40-xen kernel and stuck on ubuntu 10.04	00:41
WormMan	)	00:41
WormMan	yea, we're looking at raw Xen, not the packaged stuff like XenServer or XCP	00:41
*** Jbain has joined #openstack		00:42
asdfqwer	what's difference really?	00:43
asdfqwer	n/m	00:43
asdfqwer	>citrix	00:43
WormMan	packaging, fit, polish, toolsets	00:43
WormMan	and now, time to go home	00:44
asdfqwer	k	00:44
asdfqwer	thanks for input	00:44
asdfqwer	gl	00:44
*** dprince has joined #openstack		00:47
*** adjohn has joined #openstack		00:47
*** miclorb_ has quit IRC		00:47
*** vladimir3p has quit IRC		00:50
*** gaveen has quit IRC		00:56
*** miclorb_ has joined #openstack		00:58
*** dprince has quit IRC		01:02
*** osier has quit IRC		01:05
*** mgius-away is now known as mgius		01:07
*** stewart has quit IRC		01:16
*** zenmatt has quit IRC		01:21
*** stewart has joined #openstack		01:29
*** MotoMilind has quit IRC		01:34
*** gustavomzw_ has joined #openstack		01:37
*** wariola has joined #openstack		01:39
*** mattray has joined #openstack		01:40
*** Ryan_Lane has quit IRC		01:40
*** jatsrt has joined #openstack		01:41
jatsrt	21	01:41
dsockwell	17	01:41
jatsrt	ha	01:41
jatsrt	42	01:41
dsockwell	HIKE	01:41
jatsrt	fat fingered that one	01:41
jatsrt	anyone out there able to answer questions about pause/suspend in diablo-1	01:42
dsockwell	not me, i'm trying to get installed	01:43
jatsrt	stuck?	01:43
dsockwell	not sure how i'm going to interface nova-compute with xe n	01:43
dsockwell	xen	01:43
jatsrt	ahh	01:43
jatsrt	yeah	01:43
jatsrt	seems alot of people trying that	01:43
jatsrt	why not KVM?	01:44
dsockwell	but right now i'm trying to tech ubuntu to multipath	01:44
dsockwell	hardware is too old	01:44
jatsrt	really?	01:44
dsockwell	yes	01:44
jatsrt	I've got some old opterons and xeons running it just fine	01:44
dsockwell	this is a HT P4	01:44
jatsrt	ahhh, yeah	01:44
dsockwell	yup	01:44
dsockwell	free is good, but it comes with some baggage	01:45
jatsrt	yeah, I used my free non virtaulizable processors for the management stuff	01:45
*** cloudgroups has joined #openstack		01:45
*** jdurgin has quit IRC		01:46
dsockwell	yeah	01:46
dsockwell	me too :D	01:46
dsockwell	but i'm also using them for hypervisors, which is Fun	01:46
dsockwell	it seems like bexar had a nova.conf directive to specify the hypervisor, but i'm not seeing it on cactus	01:47
dsockwell	does it think it's smart enough to find out for itself?	01:47
jatsrt	it may be	01:47
dsockwell	my opterons right now are running zfs in the storage server	01:48
jatsrt	DEFINE_string('connection_type', 'libvirt', 'libvirt, xenapi or fake')	01:48
jatsrt	['hypervisor=xenserver;kvm', 'os=linux;windows'],	01:48
dsockwell	hmmmmm	01:48
dsockwell	where do you see that	01:48
jatsrt	flags.py	01:48
dsockwell	ok	01:48
dsockwell	i'll look at the docs again	01:49
jatsrt	DEFINE_list('zone_capabilities',	01:49
jatsrt	['hypervisor=xenserver;kvm', 'os=linux;windows'],	01:49
jatsrt	'Key/Multi-value list representng capabilities of this zone')	01:49
jatsrt	yeah, docs may not be the best, look at the code if you really need to do soemthing :-)	01:49
dsockwell	heh	01:49
dsockwell	noted	01:49
*** cloudgroups has left #openstack		01:50
jatsrt	I'd try connection_type=xenapi in your nova.conf	01:50
dsockwell	xenapi is for xenserver	01:51
dsockwell	i'm thinking it would be libvirt	01:51
jatsrt	http://paste.openstack.org/show/1528/	01:51
*** pguth66 has quit IRC		01:51
jatsrt	so libvirt , you may need to change your ....	01:52
dsockwell	i might have to set up libvirt to talk to xen	01:52
dsockwell	that sounds easy enough	01:52
dsockwell	i should start taking notes	01:52
dsockwell	with kvm lots of distributions are dropping official support for xen	01:53
jatsrt	libvirt.xml.template	01:53
dsockwell	which really screws over people with old gear	01:53
dsockwell	looks like i'll have to compile it from source	01:54
dsockwell	i'd switch over to debian but i'd rather compile xen than openstack	01:54
jatsrt	yeah, kvm is simple	01:54
*** zwick has joined #openstack		01:55
uvirtbot	New bug: #792156 in nova "paramiko not installed in venv, required by smoketests/base.py" [Undecided,In progress] https://launchpad.net/bugs/792156	01:56
jatsrt	dsockwell: may ve as simple as FLAGS.libvirt_type == 'xen'	01:56
dsockwell	neat, thank you	01:56
jatsrt	there are probably people hanging around here that would know for sure, I'm just guessing based on code	01:56
dsockwell	well i appreciate it	01:56
jatsrt	Libvirt domain type. Can be kvm, qemu, uml, xen	01:57
dsockwell	cool!	01:57
jatsrt	so that would just be putting --libvirt_type=xen in the nova.conf	01:58
*** mattray has quit IRC		02:01
*** ryker has joined #openstack		02:03
*** mgius is now known as mgius-away		02:04
*** zwick has quit IRC		02:04
*** mancdaz has quit IRC		02:11
*** kaz has joined #openstack		02:18
*** robbiew has joined #openstack		02:22
*** hadrian has quit IRC		02:23
*** PeteDaGuru has quit IRC		02:26
*** miclorb_ has quit IRC		02:28
*** gustavomzw_ has quit IRC		02:28
*** cloudgroups has joined #openstack		02:28
*** chiehwen has joined #openstack		02:31
*** cloudgroups has quit IRC		02:31
*** lborda has joined #openstack		02:33
uvirtbot	New bug: #792170 in swift "Add complete support for HTTP proxies in client.py" [Undecided,New] https://launchpad.net/bugs/792170	02:41
*** zenmatt has joined #openstack		02:42
*** osier has joined #openstack		02:45
*** julian_c has joined #openstack		02:48
*** Campbell has quit IRC		02:52
*** miclorb_ has joined #openstack		02:56
*** blamar__ has joined #openstack		02:57
*** ryker has quit IRC		03:02
*** miclorb_ has quit IRC		03:03
*** konetzed has quit IRC		03:03
*** konetzed has joined #openstack		03:04
*** ches has quit IRC		03:09
*** ches has joined #openstack		03:09
*** obino has quit IRC		03:10
*** jatsrt has quit IRC		03:14
*** lborda has quit IRC		03:15
*** osier has quit IRC		03:22
*** osier has joined #openstack		03:23
*** lborda has joined #openstack		03:29
*** AimanA is now known as HouseAway		03:32
*** CK483 has joined #openstack		03:40
*** miclorb_ has joined #openstack		03:56
*** jpgeek has joined #openstack		04:02
*** gaveen has joined #openstack		04:12
*** Zangetsue has joined #openstack		04:25
*** openpercept_ has joined #openstack		04:31
*** kashyap has joined #openstack		04:31
*** gaveen has quit IRC		04:42
*** CK483 has quit IRC		04:49
*** gaveen has joined #openstack		04:55
*** blamar__ has quit IRC		04:56
*** miclorb_ has quit IRC		05:07
*** miclorb_ has joined #openstack		05:17
*** mgoldmann has joined #openstack		05:25
*** miclorb_ has quit IRC		05:41
*** jeffjapan has quit IRC		05:46
*** Binbin has joined #openstack		05:48
*** zenmatt has quit IRC		05:51
*** adrianmir has quit IRC		06:06
*** Ryan_Lane has joined #openstack		06:07
*** 16WAAJDQ7 has joined #openstack		06:20
*** 16WAAJDQ7 is now known as mihgen_		06:22
*** mihgen_ is now known as _mihgen		06:23
*** _mihgen is now known as mihgen1		06:23
*** mihgen1 is now known as mihgen2		06:23
*** mihgen2 is now known as mihgen_		06:23
*** agarwalla has joined #openstack		06:25
*** guigui1 has joined #openstack		06:25
*** guigui1 has left #openstack		06:25
*** gaveen has quit IRC		06:33
*** gaveen has joined #openstack		06:36
*** gaveen has joined #openstack		06:36
*** obino has joined #openstack		06:41
*** thickskin has quit IRC		06:44
*** agarwalla has quit IRC		06:47
*** kashyap has quit IRC		06:53
*** dysinger has quit IRC		07:01
uvirtbot	New bug: #792217 in swift "Documentation: Configuration Parameters" [Undecided,New] https://launchpad.net/bugs/792217	07:01
*** allsystemsarego has joined #openstack		07:02
*** allsystemsarego has joined #openstack		07:02
*** Ryan_Lane has quit IRC		07:02
shehjart	folks, are openstack instance stores ephemeral or persistent?	07:03
*** reidrac has joined #openstack		07:03
*** thickskin has joined #openstack		07:05
*** dysinger1 has joined #openstack		07:06
*** Razique has joined #openstack		07:07
Razique	Hi all :)	07:09
shehjart	hi Razique, would you know if openstack instance stores are ephemeral,like ec2 or persistent, like vmware esx?	07:11
Razique	his shehjart	07:11
Razique	instances are ephemerals	07:11
Razique	they are persistent thought a reboot	07:12
*** dysinger has joined #openstack		07:12
*** kashyap has joined #openstack		07:12
Razique	(reboot of instance itfself or reboot of the nova-components), but since you terminate the instance, it is detroyed, and you loose the content into it.	07:12
Razique	You have to attach and EBS volume in order to preserve your datas	07:13
shehjart	i suppose there is some mechanism to sync the instances to disk on a reboot	07:13
shehjart	thanks	07:13
Razique	shehjart: for that you have to create "bootable EBS", which means, your instance is stored on the EBS server	07:15
*** dysinger1 has quit IRC		07:15
shehjart	Razique, is that bootable ebs the default mode when launching an instance?	07:16
*** Zangetsue has quit IRC		07:16
Razique	shehjart: I've not explored that part yet, but I don't think so	07:18
shehjart	ok	07:18
*** rcc has joined #openstack		07:19
Razique	there is no such thing as a "default mode", because, to me, it is not the "type" of instance which matter, but where it is stored	07:20
*** sebastianstadil has left #openstack		07:20
Razique	I explain : for a classic image, and a EBS, you run them the same way (via euca-run-instance), at that stage, the place where the image is doesn't matter	07:21
Razique	shehjart: but to be honnest, I could be wrong, and glad to be corrected :)	07:22
shehjart	Razique, np, thanks a bunch, it does tell me what else to look for	07:24
Razique	shehjart: :)	07:24
*** jeffjapan has joined #openstack		07:28
*** mihgen_ has quit IRC		07:41
*** jeffjapan has quit IRC		07:43
*** adjohn has quit IRC		07:46
dsockwell	would openstack play nice with xen 3.3?	07:49
*** nerens has joined #openstack		07:49
*** jeffjapan has joined #openstack		07:56
*** nerens has quit IRC		07:56
*** mihgen_ has joined #openstack		07:59
*** antenagora has joined #openstack		08:01
*** antenagora_ has joined #openstack		08:01
*** antenagora has quit IRC		08:01
*** antenagora_ is now known as antenagora		08:01
*** Zangetsue has joined #openstack		08:14
Razique	Hi all, I'm unable to ping or SSH an instance, here is what I see when I run a euca-get-console-output http://paste.openstack.org/show/1530/	08:14
*** jedi4ever has joined #openstack		08:22
*** jeffjapan has quit IRC		08:24
*** nacx has joined #openstack		08:31
*** jpgeek has quit IRC		08:40
*** winston-d has quit IRC		08:45
*** primeministerp has quit IRC		08:49
*** jedi4ever has quit IRC		08:55
*** antenagora has quit IRC		08:58
kaz	swift is how get the sent/received information volume?	09:00
*** ryker has joined #openstack		09:02
*** adjohn has joined #openstack		09:04
*** antenagora has joined #openstack		09:10
*** katkee has joined #openstack		09:12
*** chiehwen has quit IRC		09:12
*** openpercept_1 has joined #openstack		09:12
*** openpercept_ has quit IRC		09:13
*** openpercept_1 is now known as openpercept		09:13
*** openpercept has joined #openstack		09:13
Razique	Hi, I found the solution, it was related to the image I uploaded, for which the network injection didn't work, after I get a new image from http://uec-images.ubuntu.com/maverick/20110601/ it's working :)	09:14
*** mihgen_ has quit IRC		09:21
*** gaveen has left #openstack		09:21
*** ryker has quit IRC		09:24
*** kaz has quit IRC		09:30
*** kaz_ has joined #openstack		09:31
*** primeministerp has joined #openstack		09:35
*** mgoldmann has quit IRC		09:40
*** irahgel has joined #openstack		09:43
*** kennethkalmer has quit IRC		09:44
*** adjohn has quit IRC		09:58
*** antenagora has quit IRC		10:00
*** katkee has quit IRC		10:02
*** miclorb_ has joined #openstack		10:09
*** mihgen_ has joined #openstack		10:10
*** mihgen_ has quit IRC		10:14
*** mihgen_ has joined #openstack		10:15
*** markvoelker has joined #openstack		10:16
*** primeministerp has quit IRC		10:22
*** newopen has joined #openstack		10:31
newopen	hi,	10:32
newopen	who can tell me how nova-network works and why it use br100?	10:32
*** Binbin has quit IRC		10:34
*** taihen has joined #openstack		10:41
*** osier has quit IRC		10:45
*** kennethkalmer has joined #openstack		10:50
*** miclorb_ has quit IRC		10:53
*** miclorb has joined #openstack		10:57
*** kennethkalmer has quit IRC		10:58
*** wariola has quit IRC		10:58
*** kennethkalmer has joined #openstack		11:03
*** shehjart has quit IRC		11:27
*** sante has joined #openstack		11:32
*** miclorb has quit IRC		11:33
*** primeministerp has joined #openstack		11:37
*** kennethkalmer has quit IRC		11:39
*** julian_c has quit IRC		11:40
*** shehjart has joined #openstack		11:43
*** PeteDaGuru has joined #openstack		11:48
*** ameade has joined #openstack		11:50
*** mihgen_ has quit IRC		11:53
*** sante has quit IRC		11:55
*** mihgen_ has joined #openstack		12:00
*** openpercept_ has joined #openstack		12:14
*** openpercept_ has quit IRC		12:14
*** openpercept_ has joined #openstack		12:14
*** openpercept has quit IRC		12:16
*** BK_man has quit IRC		12:16
*** katkee has joined #openstack		12:20
*** BK_man has joined #openstack		12:25
*** katkee has quit IRC		12:27
*** katkee has joined #openstack		12:28
*** kaan_ has joined #openstack		12:31
*** dprince has joined #openstack		12:33
*** ryker has joined #openstack		12:33
*** ameade has quit IRC		12:35
*** ameade has joined #openstack		12:38
*** kennethkalmer has joined #openstack		12:39
*** kennethkalmer has joined #openstack		12:40
*** jedi4ever has joined #openstack		12:41
*** jatsrt has joined #openstack		12:41
*** shentonfreude has joined #openstack		12:54
*** jfluhmann has quit IRC		12:54
*** ryker has quit IRC		12:55
*** jaypipes-afk is now known as jaypipes		12:55
*** hadrian has joined #openstack		12:57
Razique	When I run an Instance downloaded from Ubuntu EUC images, I've this errors in nova-api.log	13:01
Razique	http://paste.openstack.org/show/1531/	13:01
*** NashTrash has joined #openstack		13:01
NashTrash	Good morning openstack'ers	13:01
Razique	the UEC repo : http://uec-images.ubuntu.com/maverick/20110601/	13:01
Razique	NashTrash: Hi to you :)	13:01
NashTrash	:)	13:02
NashTrash	I want to delete a nova network and replace it with a different one.	13:02
NashTrash	To be more specific, right now my network is 192.168.51.0/25 and I want to go to 192.168.51.24.	13:03
Razique	Oh I found a question related to my issue : https://answers.launchpad.net/nova/+question/145062	13:03
NashTrash	Using nova-manage is there a good way to do this or do I just nova-manage network delete and nova-manage network create	13:03
*** h0cin has joined #openstack		13:04
*** h0cin has joined #openstack		13:04
Razique	NashTrash: Edit your nova.conf and use nova-manage in order to delete the old one and create a new one	13:04
Razique	NashTrash: If the network is attached to a project, you may use nova-manage scrub PROJECT-NAME first	13:05
NashTrash	Ah, the nova-manage scrub is the step I think I am missing	13:06
NashTrash	Razique: Thanks	13:06
*** ShermanBoyd has quit IRC		13:06
Razique	NashTrash: np	13:06
*** ShermanBoyd has joined #openstack		13:06
*** jfluhmann has joined #openstack		13:07
thickskin	hi guys.	13:08
Razique	hi thickskin	13:09
thickskin	somebody tell me what is nova-network and nova-schduler.	13:09
Razique	thickskin: have you read some docs on the nova project first or are you totally new ? :D	13:10
thickskin	I`ve already docs.-,.-;;	13:10
thickskin	I`ve already read docs.	13:11
*** ctennis has left #openstack		13:12
*** primeministerp has quit IRC		13:13
thickskin	I want to know their achitecture.	13:14
*** primeministerp has joined #openstack		13:15
Razique	thickskin: hang on	13:16
*** ryker has joined #openstack		13:16
Razique	thickskin: http://docs.openstack.org/cactus/openstack-compute/admin/content/understanding-the-compute-service-architecture.html	13:16
Razique	does that enlighten you ?	13:16
NashTrash	Ok, I have a new issue now. I just upgraded from \trunk (a couple of weeks old) to the milestone release. I tried to create a VM but am getting an error. See http://paste.openstack.org/show/1532/ for details.	13:17
NashTrash	It is clear that my DB schema has changed. How do I make sure it is up to date?	13:17
NashTrash	Is that nova-manage db sync?	13:17
thickskin	Razique:thank you.	13:19
thickskin	Razique:Can I ask something more?	13:19
thickskin	Razique: I want to know what is this? "Configuring networks for compute nodes"	13:20
NashTrash	Ok, nova-manage db sync seems to have solved that issue, on to the next.	13:20
Razique	NashTrash: thanks for the hint	13:20
Razique	NashTrash: where do you see that ?	13:21
NashTrash	Razique: I found the error in /var/log/nova/nova-api.log	13:21
Razique	NashTrash: sorry, I wanted to ask to thickskin :D	13:22
Razique	NashTrash: thanks though o/	13:22
Razique	thickskin: the nova-network service creates vlans and briges, handles iptables and ebtables rules	13:22
NashTrash	Ok, so now my instance starts to build, but it fails with an error in the nova-compute node log. Here are the details: http://paste.openstack.org/show/1533.	13:23
Razique	thickskin: I'll comment that part :)	13:23
NashTrash	Not even really sure what the issue is off the top of my head.	13:23
NashTrash	Time to look at code.	13:23
*** Zangetsue_ has joined #openstack		13:24
Razique	NashTrash: what euca-describe-instances shows ?	13:24
Razique	I think I've already had that issue :) let me check	13:25
*** Zangetsue has quit IRC		13:26
*** Zangetsue_ is now known as Zangetsue		13:26
Razique	NashTrash: could you paste your nova.conf and ifconfig for the servers	13:27
*** hggdh has quit IRC		13:27
thickskin	Razique: how can I check that in my physical node?	13:27
Razique	thickskin: what would you like to check ?	13:27
*** hggdh has joined #openstack		13:28
thickskin	Razique: if nova-network is worked there is something log.	13:28
Razique	thickskin: if the nova-network installed on the server?	13:29
thickskin	yes.	13:29
Razique	could you paste your nova.conf please ?	13:29
thickskin	wait for a second.	13:29
thickskin	Razique: here is my nova.conf http://pastebin.com/dpN5gdMR	13:31
NashTrash	Razique: No thing. The instance is shutdown	13:32
Razique	thickskin: seems good to me, what is your exact issue by now actually ?	13:32
Razique	NashTrash: ok so it goes in a shutdown step, could you send your nova.conf ?	13:33
thickskin	Razique: thank you for your help.	13:34
*** deva has joined #openstack		13:34
thickskin	Razique: I just want to know basical knoweldge about "nova"	13:34
NashTrash	Razique: I have not changed my nova.conf recently. This problem just started when I updated from ~bzr1050 to the milestone release.	13:35
Razique	thickskin: ok, the first thing you should do i read that guide : http://nova.openstack.org/nova.concepts.html	13:36
NashTrash	Razique: I decided to defer on the network changes for now and first make sure the update worked. Sadly it did not (at least yet).	13:36
Razique	thickskin: dig around the sections, there are well written :)	13:36
Razique	NashTrash: what nova-manage service list returns ?	13:36
*** foxtrotgulf has joined #openstack		13:37
Razique	NashTrash: while you made the upgrade, did you restarted the services ?	13:38
deva	@all , I recently had a problem running nova, installed in RHEL6.1,of DHCP request from VM instance isn't accepted at host machine. It turned out there is no firewall rule is added by openstack(nova) to allow DHCP requests from VM instance at host, although there are rules added to send DHCP replies from host to VM instance.	13:38
larissa	deva: Error: "all" is not a valid command.	13:38
deva	Please let me know if I missed any configuration, or there is any reason for nova not to add such rule	13:39
*** sante has joined #openstack		13:39
NashTrash	Razique: nova-manage service list shows all good	13:39
NashTrash	Razique: And I thought that I had restarted all of the services, but heck, lets try it again.	13:39
thickskin	Razique: thank you for your help. see you next time.	13:39
newopen	who can tell me how nova-network works and why it use br100?	13:40
*** amccabe has joined #openstack		13:40
deva	@Razique	13:40
larissa	deva: Error: "Razique" is not a valid command.	13:40
deva	Hi anyone aware of my situation ..>?	13:41
Razique	NashTrash: which distro are you running ?	13:41
uvirtbot	New bug: #792367 in nova "OSAPI: v1.1 image create support (serverRef)" [Low,In progress] https://launchpad.net/bugs/792367	13:41
Razique	deva: don't use the "@ symbol"; it's not a IRC command	13:42
deva	Razique: ok.. please lemme know if you are aware of my situation, that I posted earlier. Do u want me to post again	13:43
Razique	deva: please paste your nova conf and the result of nova-manage service list commande	13:43
deva	--verbose --nodaemon --dhcpbridge_flagfile=/opt/latest_code/latest_hpc/bin/nova.conf --network_manager=nova.network.manager.FlatDHCPManager --my_ip=10.0.1.3 --public_interface= --sql_connection=sqlite:////opt/latest_code/latest_hpc/nova.sqlite --auth_driver=nova.auth.dbdriver.DbDriver --libvirt_type=kvm --fixed_range=10.3.1.0/24 --flat_network_dhcp_start=10.3.1.2 ~	13:44
*** BK_man has quit IRC		13:44
*** BK_man has joined #openstack		13:44
Razique	deva: http://paste.openstack.org/	13:44
*** j05h has quit IRC		13:45
deva	Paste #1534	13:46
newopen	who can explain me the role of br100 please?	13:46
Razique	deva: the link is incorrect	13:46
Razique	I can't click it	13:46
Razique	newopen: http://docs.openstack.org/bexar/openstack-compute/admin/content/ch04s02.html	13:47
deva	http://paste.openstack.org/show/1535/	13:47
deva	please try this	13:47
*** kbringard has joined #openstack		13:48
Razique	deva: to be honnest, I use the VLAN mode, so not sure about the issue	13:50
newopen	Razique: thanks but it explains how configure networking not how nova-network works	13:50
deva	can you please clear my doubt that I have, whether nova adds a firewall rule to allow DHCP requests from VM instance at host. Like when I installed RHEL6.1, firewall has few rules to drop unauthorised packets.So no DHCP boot requests weren't allowed.	13:52
deva	when I added the rule -A INPUT -i br100 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT	13:52
deva	is started accepting DHCP requests	13:53
kbringard	deva: that rule should be setup by nova	13:53
kbringard	unless there is a bug	13:53
NashTrash	Razique: I am running ubuntu10.04 with the new Diablo-1 milestone release	13:53
NashTrash	Razique: it appears that nova-network is having a problem bringing up dnsmasq	13:53
Razique	NashTrash: how many dnsmask processes do you have ?	13:54
deva	yes, there is rule setup bu nova to allow DHCP replies back to VM instance , but rule to allow DHCP requests isn't added by nova	13:54
Razique	do you see something in nova-network.log ?	13:54
deva	I guess this might be bug, anyone of you can confirm this	13:54
*** Zangetsue has quit IRC		13:56
deva	Or atleast can anyone tell me how to verify whether this is a bug or configuration mistake	13:56
*** bcwaldon has joined #openstack		13:57
primeministerp	greetings programs	13:59
primeministerp	hi all just to let everyone know, our hyper-v stack is currently fully functional	14:00
primeministerp	we've got 90 enlightened vm's running on top of 8 nodes	14:00
primeministerp	all linux vms	14:00
deva	Or atleast can anyone tell me how to verify whether this is a bug or configuration mistake	14:00
*** kaan_ has quit IRC		14:01
Razique	primeministerp1: seems nice :)	14:01
kbringard	deva: unsure, I'm running 2011.3~d2~20110602.1142-0ubuntu0ppa1~maverick1 and it all works for me with no manual intervention	14:01
kbringard	primeministerp: good work	14:01
kbringard	that's cool	14:01
kbringard	maybe it's a RH thing that's not being accounted for in nova	14:02
*** med_out is now known as med		14:02
*** med is now known as medberry		14:03
deva	does your host machine is protected by firewall with rules in INPUT chain to drop packets that don't match all vaild rules above like this -A INPUT -j REJECT --reject-with icmp-host-prohibited	14:03
deva	my host machine does,	14:03
deva	this is when problem occurs	14:03
deva	what is RH thing?	14:04
kbringard	I meant a redhat thing, since I'm running Ubuntu	14:04
kbringard	but, my default policy is accept	14:04
kbringard	so if you have a default policy of drop, that would likely be your culprit	14:04
deva	No, default policy is ACCEPT	14:05
*** csgeek has joined #openstack		14:05
kbringard	well sure, but you said you have a rule that drops everything that doesn't match a valid rule	14:05
deva	but as I said the firewall should be opened with rule, -A INPUT -i br100 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT to accept DHCP requests	14:06
kbringard	which is the same thing as having the default policy be drop :-)	14:06
deva	I said about this rule -A INPUT -j REJECT --reject-with icmp-host-prohibited	14:06
kbringard	oh, that's just ICMP	14:06
uvirtbot	New bug: #792388 in nova "Libvirt snapshot causes KeyError: 'architecture'" [Undecided,In progress] https://launchpad.net/bugs/792388	14:06
deva	yeah you are right, same as drop . But shudn't nova create a rule to open firewall to allow DHCP requests from VM instance.when host machine is protected with firewall rules like this -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i br100 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A IN	14:08
*** Err404NotFound has joined #openstack		14:08
deva	Which accepts , ping and SSH packets only	14:08
*** bcwaldon has quit IRC		14:08
deva	for a security of host machine.	14:09
kbringard	yea, that's what I was getting to next, it probably should	14:09
Err404NotFound	OpenStack is for more like Rackspace cloud servers, or EC2. Does it support Rackspace Cloud sites?	14:09
csgeek	I'm a complete noob with openstack.. just wanted to make double check something. OpenStack is installed on top of an existign distro, .. so I can install Ubuntu Server and then install openstack on it.. correct?	14:10
*** asdfqwer has quit IRC		14:10
deva	kbringard: do u aware, if nova does something like that or not	14:10
*** bcwaldon has joined #openstack		14:10
Razique	Everytime I launch a new instance, it's unable to get it's metadatas, I'm in VLAN mode, and I've added the iptables rules which makes a DNAT from the 169.254.169.254 to the api server	14:10
jatsrt	csgeek: yes	14:10
kbringard	it doesn't look like it, I don't see a rule that like on my network-controller	14:10
csgeek	jatsrt: sweet.. thanks	14:10
jatsrt	ubuntu is preferred	14:10
deva	then is it bug	14:11
kbringard	Razique: do you have a route that is intercepting it?	14:11
jatsrt	razique: you do not need to do that	14:11
*** hub_cap has joined #openstack		14:11
jatsrt	on your compute nodes add:	14:11
kbringard	i found that if netconfzero was enabled, it would add a route for 169.254.0.0 that was hijacking the IPtables rule	14:11
csgeek	jatsrt: thank yo.	14:11
csgeek	*you	14:11
jatsrt	--ec2_dmz_host=172.16.16.10	14:11
jatsrt	--ec2_port=8773	14:11
kbringard	ah, there you go, or do that :-)	14:11
jatsrt	with your host of course	14:12
jatsrt	that will add the correct iptables rule	14:12
Razique	hi jatsrt	14:12
jatsrt	or maybe that is on the network node	14:12
Razique	it did yup, I've already add thses flags yes, but when I check, 0 packets have match that iptable rule	14:12
jatsrt	either way add it everywhere and it should work	14:12
*** BK_man has quit IRC		14:12
deva	kbringard: please lemme know if you are chatting with me	14:12
Razique	moreover, I use image from uec-images.ubnutu.com	14:13
kbringard	deva: my comment about not having a rule like that on my network controller was to you	14:13
kbringard	Razique: if you do a netstan -rn do you see a route for 169.254.0.0?	14:13
kbringard	on your compute nodes?	14:13
kbringard	that will hijack the IPtables rule if it's there	14:14
deva	kbringard: could you let me know, if there is any way I can confirm this is something nova is missing, and I can report it	14:14
jatsrt	razique: same setup as me, VLAN, UEC images, multiple nodes, all works fine	14:14
Razique	kbringard: I don't see the route	14:14
Razique	jatsrt: weird thing is that I get a 404	14:15
kbringard	deva: I really don't know, all I can tell you is that I don't have that rule on mine, so I am guessing it's an oversight and should probably be added to nova	14:15
jatsrt	so I had a similar propblem	14:15
Razique	(not a network unreachable as I had few days ago remember :) )	14:15
jatsrt	apache was running locally and screwing things up	14:15
jatsrt	uninstall apache	14:15
kbringard	Razique: ah, well that's something different then :-D	14:15
jatsrt	or at least disable it	14:15
Razique	don't Apache used by nova ?	14:15
jatsrt	foudn this on lates ubuntu because server adds a web console by default	14:16
jatsrt	nope	14:16
jatsrt	not that I know of at least	14:16
kbringard	yea, apache gets installed, but my install scripts explicitly remove it	14:16
kbringard	for that exact reason	14:16
Razique	kbringard: you right, nova doens't require Apache, Eucalyptus does! (I'm moving from euca to nova)	14:17
newopen	who can explain me the role of br100 please?	14:17
Razique	so I've apache running on the compute node :	14:17
jatsrt	kill it on compute node and api node	14:17
kbringard	newopen: it is the bridge network device that allows the VMs to access the network	14:17
jatsrt	restart everything	14:17
*** j05h has joined #openstack		14:17
kbringard	haha, yea, if you had euca installed you should format and reinstall :-p	14:17
jatsrt	agreed with kbringard	14:18
dsockwell	thirded	14:18
jatsrt	euca makes one hell of a mes of the system	14:18
newopen	so whu nova-network is the gateway?	14:18
Razique	kbringard: ahah :p	14:18
dsockwell	the missiles, fire them	14:18
kbringard	dsockwell: but I am le tired	14:18
dsockwell	well then have a nap	14:18
Razique	well it took me hours to clean it ^^	14:18
kbringard	dsockwell: but then FIRE ZEE MISSELS!	14:19
kbringard	Razique:	14:19
kbringard	err	14:19
dsockwell	the point is nuke that eucalyptus box	14:19
kbringard	yes, agreed	14:19
kbringard	Razique: you should setup some kind of PXE, if you're going to deploy this to more than a few machines	14:20
jatsrt	razique: a nice clean ubuntu install	14:20
*** robbiew has joined #openstack		14:20
kbringard	in which case nuking the machine is easy	14:20
jatsrt	add the trunk ppa	14:20
jatsrt	install everything on the management nodes, then disable what you don't want run on them	14:20
jatsrt	then just install nova-compute on the compute nodes	14:20
jatsrt	setup nova.conf	14:20
jatsrt	and up and running in no time	14:21
Razique	jatsrt: that is what I love about nova :)	14:21
jatsrt	if doing vlan mode, don't need to mess with interfaces or anything	14:21
Razique	ok so apache totally removed, let's restart everyhting :D	14:21
Razique	actually , i'm about to add 6 compute nodes (just one atm), when I'll put the nodes, i'll reinstall that current one :)	14:22
Razique	(need to go to the datacenter for that :o )	14:22
jatsrt	what no remote install!	14:22
Razique	jatsrt: not yet, it's a new infrastructure	14:22
dsockwell	you don't keep a ghoul in your cage to do that sort of thing?	14:22
Razique	ahah you guys are funny :D	14:23
dsockwell	if my job was to babysit a cage i'd totally pretend i was in a zoo	14:23
Razique	dsockwell: I know, but the physical configuration is not completely over :)	14:23
dsockwell	ah	14:24
jatsrt	I'd love an excuse to head to the datra center, it's on the other side of the country	14:24
kbringard	w00t travel budget!	14:24
kbringard	hehe	14:24
Razique	dsockwell: The remote PDU access ain't ready yet, etc...	14:24
kbringard	I've spent enough time in DCs in my career, I'm happy to not have to go to one again, ever	14:25
jatsrt	well one of them is, the other is a block away	14:25
NashTrash	kbringard: I have a nova-network issue, might you have a bit of time?	14:25
jatsrt	kbrigard: that is true	14:25
Razique	jatsrt: the thing is here, it's a 30 mn travel, so enought to eat half a day, not enough to make it a real travel :D	14:25
kbringard	NashTrash: sure, I take a stab at it	14:25
Razique	NashTrash: just ask here :D	14:25
kbringard	NashTrash: but I should tell you, if you're not using VLAN mode, my experience will be severely limited :-)	14:26
kbringard	yea, and what Razique said, if I can't help, someone probably can	14:26
NashTrash	kbringard: Thanks. I opened a question for it (https://answers.launchpad.net/nova/+question/160146). But the long and short is that I upgraded to D1 milestone release and now nova-network fails to start properly.	14:26
NashTrash	kbringard: I get all sorts of spew in the nova-network.log file.	14:26
kbringard	oh... I think I heard someone else say something about that this morning too... unless it was you	14:26
kbringard	one sec, lemme scroll back	14:26
jatsrt	I had the same problem	14:27
newopen	if i use another bridge then br100 which sent sflow traffic to another host, how be sure that my (nova-network) will permit this traffic?	14:27
NashTrash	kbringard: probably me	14:27
jatsrt	it was some crap left in the database of dead instances it was trying to recover the networking for	14:27
NashTrash	jatsrt: Ha. What did the error look like?	14:27
NashTrash	jatsrt: Did you just purge a table or something?	14:28
kbringard	oh, that was you	14:28
kbringard	haha	14:28
NashTrash	;)	14:28
jatsrt	NashTrash: I beleive I did, if you look around the line of code you see what it is grabbing, which I think is instance data and trying to reassign and rebuild it's network	14:28
jatsrt	I purges my projects, instances and network data	14:29
jatsrt	because I could	14:29
jatsrt	cleaned it up	14:29
NashTrash	jatsrt: I would really prefer not to lose my projects data. Not a huge loss it if comes to that though	14:29
jatsrt	you might be albe to get away with purging instances, if they are all dead anyway	14:29
jatsrt	and then do a project scrub	14:29
NashTrash	Let's try that	14:30
newopen	if i use another bridge then br100 which sent sflow trafic to another host, how be sure that my (nova-network) will permit this trafic?	14:30
kbringard	newopen: I'm not sure about integrating it into Open vSwitch (meaning I don't know how/if the sflow stuff will work), but I use tons of different bridge devices	14:31
kbringard	newopen: just set the bridge device and corresponding vlan tag in the networks table in the nova db	14:31
kbringard	and the compute/network code will bring up the bridges and tag them	14:31
newopen	i do it for bridge	14:31
newopen	nova-network use br0 (openvswitch)	14:32
newopen	but no configuration works with nova	14:32
kbringard	well, nova makes brutils calls directly	14:32
newopen	when i use only openvswitch it sents sflow trafic	14:32
kbringard	at least it did last time I was messing with vswitch	14:33
newopen	when i integrate it with nova no more trafic :(((((	14:33
*** jkoelker has joined #openstack		14:33
kbringard	so I had to run it with the brcompat daemon stuff	14:33
newopen	the same thing with vlans	14:35
*** sante has quit IRC		14:36
Razique	ok, back	14:37
*** sante has joined #openstack		14:37
newopen	i tagged vnets in different vlan but they still ping themselves	14:37
Razique	after I removed Apache, and restarted the whole cloud, I still have 404 errors	14:37
Razique	I tried a wget http://169.254.169.254/2009-04-04/meta-data/instance-id, I do have a 404 error	14:39
NashTrash	jatsrt: nova-manage project scrub seems to have worked.	14:39
NashTrash	jatsrt: thanks.	14:39
Razique	it's like this ip doesn't exist	14:39
*** alandman has joined #openstack		14:39
jatsrt	yep	14:39
jatsrt	Razique: yeah, I had similar issues	14:39
jatsrt	you need to try to determine what is picking up the request	14:40
jatsrt	a 404 means something is there, if it was nova-network you would get time outs	14:40
* Razique hopes that jatsrt's memory will work nice :D		14:40
jatsrt	http://169.254.169.254	14:40
jatsrt	what happens if you wget that from the compute host	14:40
jatsrt	you should get a listing of the api dates	14:40
jatsrt	if you get a "generic" index page you are hitting something else	14:41
Razique	i've an index.html	14:41
Razique	"It works!"	14:41
Razique	hehe	14:41
*** BK_man has joined #openstack		14:41
jatsrt	contents of that?	14:41
Razique	jatsrt: oh you know, it's the default Apache2 page	14:41
jatsrt	yep	14:41
jatsrt	same problem still then	14:42
jatsrt	This was something that was killing me with euca	14:42
newopen	<kbringard: what can une do with brcompat	14:42
Razique	the one saying that the server works, it's that index.html page (with html tags and stuff :D )	14:42
jatsrt	when I clean installed I made sure apache was shut down	14:42
jatsrt	Razique: are you getting that from an instance or from a host?	14:43
kbringard	newopen: it basically takes brcrtl commands and sticks them in a db, then applies the equivalent commands to open vswitch	14:43
Razique	jatsrt: when I check the iptables rule (the NAT for that ip) 0 packets are passing thought it at all	14:43
jatsrt	yeah	14:43
Razique	jatsrt: I see the 404 error when I issue an euca-get-console-output	14:43
kbringard	newopen: but it's been like months since I messed with it :-/	14:43
Razique	jatsrt: and I see that into nova-network.log http://paste.openstack.org/show/1537/	14:44
jatsrt	so that error seems like you need to scrub your projects	14:45
jatsrt	so I just checked and there are no iptables rules for 169 setup by nova that I can tell, not too sure how it proxy/nats it	14:46
Razique	jatsrt: you should have one :) check Chain nova-network-PREROUTING (1 references)	14:46
Razique	via iptables -L -nv -t nat	14:46
*** j05h has quit IRC		14:46
Razique	(at least, here, it's created when I start the nova-network service	14:47
jatsrt	on manager or compute node?	14:47
Razique	jatsrt: on manager	14:47
Razique	ohh I was wrong, actually, packets DO match that rule	14:47
jatsrt	got it -A nova-network-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.16.10:8773	14:48
Razique	jatsrt: :)	14:48
jatsrt	so I had this because something else was holding port 80(apache) and intercepting the nat	14:48
jatsrt	netstat -an showing apache still on port 80?	14:49
Razique	on both servers I run netstat -tanpu \| grep ":80"	14:49
kbringard	or check lsof -i	14:49
Razique	oh	14:49
Razique	Apache is running again Oo	14:49
Razique	This is the compute node	14:49
Razique	http://paste.openstack.org/show/1538/	14:49
jatsrt	that might be doing it	14:50
jatsrt	kill apache or change the port in /etc/apache2...	14:50
Razique	plus it ain't running on the compute node, it's the "frontend"	14:50
Razique	i'll remove it here too :)	14:51
Razique	dunno why the script I get install it though :/	14:51
Razique	(that one https://github.com/elasticdog/OpenStack-NOVA-Installer-Script/raw/master/nova-install )	14:51
RichiH	ttx, soren: wouldn't it make sense to export the meeting agenda as VCAL or similar so people can import/bookmark it?	14:52
RichiH	for #openstack-meeting	14:52
*** Eyk^off is now known as Eyk		14:55
*** j05h has joined #openstack		14:56
*** foxtrotdelta has joined #openstack		15:01
*** Binbin has joined #openstack		15:01
*** imsplitbit has joined #openstack		15:02
*** foxtrotgulf has quit IRC		15:02
*** kennethkalmer has quit IRC		15:03
*** dgags has joined #openstack		15:03
*** lorin1 has joined #openstack		15:03
*** dendro-afk is now known as dendrobates		15:07
Razique	jatsrt: do Glance use apache ?	15:11
Razique	cuz I use Glance, not I have a "failed to spawn" error when I check via euca-describe instance	15:11
*** hub_cap has quit IRC		15:12
*** hub_cap has joined #openstack		15:12
alandman	I have questions about projects and zones	15:15
alandman	A user is assigned to a project, is a compute node assigned to a zone?	15:16
alandman	Is the project then tied to the zone?	15:16
jatsrt	Razique: don't think so, I have glance too	15:17
jatsrt	no apache	15:17
Razique	jatsrt: relief, I was afraid I broke down Glance	15:17
Razique	but still this failed to spawn remains weird. I removed manually bridge and Vlan on the compute node	15:18
*** reidrac has quit IRC		15:18
Razique	at what stage are they created ?	15:18
jatsrt	Razique, what erors are you seeing now	15:20
*** gondoi has quit IRC		15:20
*** DodoPahim has quit IRC		15:22
*** DodoPahim has joined #openstack		15:24
*** obino has quit IRC		15:25
*** rnirmal has joined #openstack		15:27
Razique	jatsrt: found it http://paste.openstack.org/show/1539/	15:27
*** gondoi has joined #openstack		15:28
jatsrt	um typo?	15:28
Razique	jatsrt: what typo means ? (I'm french ^^)	15:28
jatsrt	Ahh, did you type hvm instead of kvm somewhere	15:29
jatsrt	I'd try to say that in french but I'm not that good	15:29
Razique	mmm no, don't think so	15:29
Razique	BUT	15:29
jatsrt	https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/445253	15:30
jatsrt	make sure virtulization is on in the bios	15:30
jatsrt	what do you get on the compute node with kvm-ok	15:30
Razique	jatsrt: it definitely is, this same instance was running before (and when I check via ps axl, it was a KVM image)	15:31
*** jedi4ever has quit IRC		15:31
Razique	seems good :) http://paste.openstack.org/show/1541/	15:31
*** dendrobates is now known as dendro-afk		15:33
jatsrt	hmmm, I know I was able to get /dev/kvm without the bios allowing virtualization, but never saw this error. that is what it would indicate though	15:33
*** deshantm_laptop has joined #openstack		15:33
jatsrt	how many servers are you using right now and how many are compute nodes?	15:33
Razique	jatsrt: two servers atm, one for everything But nova-compute	15:34
jatsrt	can you paste your nova-manage service list	15:34
Razique	and the other one which runs nova-compute	15:34
Razique	I think I figured out jatsrt	15:35
jatsrt	mostly to get my head wrapped around the setup	15:35
jatsrt	and....	15:35
Razique	on my management server, nova-compute is running =)	15:35
jatsrt	what was it	15:35
*** vladimir3p has joined #openstack		15:35
jatsrt	that is what I was getting at :-)	15:35
Razique	the management server is just a VM itself, so unable to run an instance. When nova scheduler checks for nodes, it uses the VM	15:35
Razique	heeh http://paste.openstack.org/show/1542/	15:36
Razique	can I remove nova-compute on the frontend like "apt-get remove nova-compute" without incidence ?	15:36
Razique	have to go (french festival here in Lyon 'Nuits Sonores')	15:37
*** DodoPahim has quit IRC		15:37
Razique	thanks a lot jatsrt , and you guys, fantastic community here :)	15:37
jatsrt	nova-manage service disable ....	15:38
jatsrt	to disable nova-ompute on that node	15:38
jatsrt	cya later	15:38
Razique	ok, i'll do that, thanks mate	15:38
*** Razique has quit IRC		15:39
*** DodoPahim has joined #openstack		15:40
*** kbringard has quit IRC		15:40
*** kbringard has joined #openstack		15:41
*** maplebed has joined #openstack		15:47
*** nacx has quit IRC		15:47
dsockwell	do there exist some public amis for openstack?	15:48
dsockwell	amis or tarballs or however they're distributed	15:48
jatsrt	ubuntu uec images	15:51
jatsrt	http://uec-images.ubuntu.com/	15:51
*** jatsrt has left #openstack		15:54
*** koolhead11 has quit IRC		15:54
*** jatsrt has joined #openstack		15:54
*** dendro-afk is now known as dendrobates		15:56
*** irahgel has left #openstack		15:57
*** DodoPahim has quit IRC		15:59
*** obino has joined #openstack		15:59
*** rchavik has quit IRC		16:00
*** sante has quit IRC		16:00
*** DodoPahim has joined #openstack		16:00
uvirtbot	New bug: #792431 in nova "Double requirement in pip-requires" [Undecided,In progress] https://launchpad.net/bugs/792431	16:01
katkee	hello, i create a puppetmaster instance and then need to tell another puppet client on another instance the ip of the puppet master. can somebody suggest a way to do that?	16:03
*** dragondm has joined #openstack		16:09
*** foxtrotdelta has quit IRC		16:10
elasticdog	katkee: wrong channel? but you can specify the master server in puppet.conf with the "server" configuration parameter	16:12
*** kennethkalmer has joined #openstack		16:14
*** dprince has quit IRC		16:16
katkee	elasticdog: i was wondering if instances could update a DNS entry with OS API maybe	16:17
*** kashyap has quit IRC		16:19
*** kashyap has joined #openstack		16:19
elasticdog	katkee: if the puppet master server is resolvable as "puppet.yourdomain.com" the clients will connect to it automatically	16:23
elasticdog	not sure what you mean by OS API though	16:23
*** openpercept_ has quit IRC		16:23
*** foxtrotgulf has joined #openstack		16:24
*** Binbin has quit IRC		16:29
*** tblamer has joined #openstack		16:29
*** imsplitbit has quit IRC		16:31
*** kashyap has quit IRC		16:35
*** dysinger has quit IRC		16:35
*** dysinger has joined #openstack		16:35
*** mdomsch has joined #openstack		16:35
*** dprince has joined #openstack		16:38
*** joearnold has joined #openstack		16:41
*** mgius-away is now known as mgius		16:43
*** mattray has joined #openstack		16:45
*** newopen has quit IRC		16:51
*** Ryan_Lane has joined #openstack		16:55
*** vladimir3p_ has joined #openstack		16:56
*** koolhead17 has joined #openstack		16:57
*** mgoldmann has joined #openstack		16:58
katkee	elasticdog: i found another solution by using cloud-init. Thanks for your help	16:59
*** jdurgin has joined #openstack		17:00
kbringard	does anyone know the status of inter security group communication? it looks like it's not working as I would expect... at least not in VLAN mode	17:00
*** vladimir3p_ has left #openstack		17:01
kbringard	by which I mean, I bring up 2 instances in the same project in 2 different security groups, neither of which allows ICMP from anywhere, yet the instances can ping each other	17:01
kbringard	I thought ebtables was supposed to protect against that, but there don't appear to be any ebtables rules setup on any of my nodes (all set to accept)	17:02
*** amccabe has quit IRC		17:04
*** openpercept_ has joined #openstack		17:04
*** openpercept_ has quit IRC		17:04
*** openpercept_ has joined #openstack		17:04
*** MarkAtwood has quit IRC		17:08
kbringard	from looking at the code it looks like it's only supported in xenserver?	17:09
*** test123 has joined #openstack		17:11
*** vladimir3p has quit IRC		17:16
*** DodoPahim has quit IRC		17:16
*** amccabe has joined #openstack		17:17
*** test123 has quit IRC		17:18
*** DodoPahim has joined #openstack		17:19
*** vladimir3p has joined #openstack		17:19
kbringard	ooooo, I think I found it	17:28
kbringard	flags.DEFINE_bool('allow_project_net_traffic',True,'Whether to allow in project network traffic')	17:28
*** katkee has quit IRC		17:30
*** deshantm_laptop_ has joined #openstack		17:30
*** deshantm_laptop_ has quit IRC		17:32
*** deshantm_laptop has quit IRC		17:32
*** nelson has quit IRC		17:36
*** nelson has joined #openstack		17:36
*** aliguori has quit IRC		17:39
kbringard	so yea, if you don't want instances in the same project to be able to inherently talk to each other, set --allow_project_net_traffic=false in your nova.conf	17:41
*** bcwaldon has quit IRC		17:46
*** MarkAtwood has joined #openstack		17:52
*** rcc has quit IRC		18:02
*** MarkAtwood has quit IRC		18:03
*** aliguori has joined #openstack		18:12
vishy	kbringard: that is true, there is no blocking in a project	18:15
vishy	kbringard: cool you found the flag :)	18:15
kbringard	hehe, yessir	18:15
kbringard	then if I want the instances in a security group to talk to each other, I just do a euca-authorize --source-group group1 group1	18:16
kbringard	yea?	18:16
vishy	kbringard: in theory yes, although I've never tested security group source groups yet	18:17
kbringard	I was messing with it a bit... it worked in 2 groups, but then not in a 3rd, which seems odd	18:17
kbringard	so	18:17
kbringard	I probably did something wrong	18:17
vishy	that code has not been tested extensively, so it may be that there are some weird chains that break it	18:18
vishy	if you find a reproducible problem, ping soren about it. He wrote that code	18:18
kbringard	okie dokie, yea, I was gunna say, I'll keep poking at it and see what I can come up with	18:18
kbringard	thank you sir	18:18
*** NashTrash has quit IRC		18:21
*** NashTrash has joined #openstack		18:22
*** DodoPahim_ has joined #openstack		18:23
*** DodoPahim_ has quit IRC		18:24
*** DodoPahim has quit IRC		18:24
*** heckj has joined #openstack		18:25
uvirtbot	New bug: #792487 in nova "Xen image snapshot upload failure (glance 'v1' support)" [Medium,In progress] https://launchpad.net/bugs/792487	18:26
*** DodoPahim has joined #openstack		18:28
deva	vishy:Hi .. if u remember, I was the one chatted with you regarding unable to ping VM instance in RHEL6.1 with firewall containing rules -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited	18:35
deva	I found the issue was Like when I installed RHEL6.1, firewall has few rules to drop unauthorised packets.So no DHCP boot requests weren't allowed.when I added the rule -A INPUT -i br100 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT	18:36
deva	please lemme know if something needs to be configured to make nova add rule to accept DHCP requests from host machine. I observed nova adds such rule to allow DHCP reply messages back to VM insatance from host not for DHCP requestd from VM to host	18:38
deva	or lemme know nova for any reason doesn't do this	18:38
*** jonkelly has joined #openstack		18:39
*** openpercept_ has quit IRC		18:41
*** brd_from_italy has joined #openstack		18:41
*** r5 has joined #openstack		18:44
*** mattray has quit IRC		18:45
*** PeteDaGuru has quit IRC		18:46
*** PeteDaGuru has joined #openstack		18:46
*** r5 has quit IRC		18:49
*** r5 has joined #openstack		18:49
*** jakedahn has joined #openstack		18:53
*** nhm has quit IRC		18:54
*** kennethkalmer has quit IRC		18:54
*** r5 has quit IRC		18:58
*** mattray has joined #openstack		19:02
*** Ryan_Lane is now known as Ryan_Lane\|food		19:05
*** imsplitbit has joined #openstack		19:10
*** dragondm has quit IRC		19:11
*** MarkAtwood has joined #openstack		19:17
*** fabiand__ has joined #openstack		19:18
*** alandman has quit IRC		19:18
*** ameade has quit IRC		19:22
*** mdomsch has quit IRC		19:23
*** ameade has joined #openstack		19:24
NashTrash	vishy: I am not getting ssh connectivity through a public IP address after the upgrade to Diablo-1 milestone. I want to confirm that the right things are showing up in iptables.	19:25
NashTrash	If I have opened ssh and ping for my group, would there be something that should show up in iptables?	19:25
*** ameade has quit IRC		19:26
*** Ryan_Lane\|food is now known as Ryan_Lane		19:28
NashTrash	vishy: Nevermind. I just ran euca-authorize for ssh again and it works now.	19:31
*** hggdh has quit IRC		19:32
*** fabiand__ has quit IRC		19:32
*** MarcMorata has joined #openstack		19:33
*** lborda has quit IRC		19:35
*** lborda has joined #openstack		19:35
*** nRy has joined #openstack		19:38
*** dirakx2 has joined #openstack		19:42
*** dirakx2 has quit IRC		19:46
*** j05h has quit IRC		19:50
*** j05h has joined #openstack		19:50
*** hggdh has joined #openstack		19:51
*** Eyk is now known as Eyk^off		19:55
*** anotherj1sse has quit IRC		19:58
*** markvoelker has quit IRC		20:01
*** lborda has quit IRC		20:02
*** mgius has quit IRC		20:08
*** dprince has quit IRC		20:10
*** jkoelker has quit IRC		20:12
kbringard	hmmm, I don't know that it causes a problem, but it looks like old nwfilter rules don't get purged	20:15
kbringard	if I log onto any arbitrary compute node and do a virsh nwfilter-list it still has entries for old instances that have been terminated	20:16
*** lborda has joined #openstack		20:17
*** rnirmal_ has joined #openstack		20:21
*** rnirmal has quit IRC		20:22
*** rnirmal_ is now known as rnirmal		20:22
*** hub_cap has quit IRC		20:22
*** rnirmal has left #openstack		20:23
*** hub_cap has joined #openstack		20:23
*** hub_cap has quit IRC		20:23
*** jkoelker has joined #openstack		20:25
*** aliguori has quit IRC		20:34
*** aliguori has joined #openstack		20:34
*** jk0 has joined #openstack		20:35
*** ChanServ sets mode: +v jk0		20:35
*** jk0 has left #openstack		20:35
*** ccustine has quit IRC		20:36
*** duffman has quit IRC		20:36
*** jakedahn has quit IRC		20:36
*** duffman has joined #openstack		20:36
*** katkee has joined #openstack		20:38
*** jakedahn has joined #openstack		20:42
*** dragondm has joined #openstack		20:43
*** pguth66 has joined #openstack		20:45
*** jakedahn has quit IRC		20:47
*** llang629 has joined #openstack		20:52
*** MarkAtwood has quit IRC		20:53
*** tblamer has quit IRC		20:54
*** dgags has quit IRC		20:54
*** MotoMilind has joined #openstack		20:57
*** jkoelker has quit IRC		20:59
*** lorin1 has quit IRC		21:02
vishy	kbringard: lp:~sleepsonthefloor/nova/lp783705	21:03
vishy	didn't realize that didn't make it in yet	21:03
kbringard	ahhh, awesome, I'll go check it out	21:03
kbringard	thanks	21:03
*** DodoPahim has quit IRC		21:04
*** jakedahn has joined #openstack		21:07
vishy	kbringard: just pinged him so he can merge with trunk	21:08
*** aliguori_ has joined #openstack		21:08
*** aliguori has quit IRC		21:08
*** jatsrt has left #openstack		21:12
kbringard	fantastic, thanks	21:13
kbringard	as an aside, I am still digging into why, but it looks like the --source-groups stuff doesn't really work	21:13
*** h0cin has quit IRC		21:14
*** llang629 has left #openstack		21:14
*** jkoelker has joined #openstack		21:16
*** brd_from_italy has quit IRC		21:18
*** shentonfreude has quit IRC		21:20
vishy	kbringard: cool. We should loop soren in	21:21
*** NashTrash has quit IRC		21:34
uvirtbot	New bug: #792584 in nova "DHCP/BOOTP Request messages from VM are dropped in firewall protected host machine" [Undecided,New] https://launchpad.net/bugs/792584	21:36
*** aliguori_ has quit IRC		21:38
*** dragondm has quit IRC		21:41
*** foxtrotgulf has quit IRC		21:42
*** dragondm has joined #openstack		21:45
*** ryker has quit IRC		21:45
*** jfluhmann has quit IRC		21:48
*** dragondm has quit IRC		21:53
*** dragondm has joined #openstack		21:53
*** kbringard has quit IRC		21:55
*** imsplitbit has quit IRC		21:56
*** ryker has joined #openstack		21:58
*** ryker has quit IRC		21:58
*** jfluhmann has joined #openstack		22:02
*** pguth_txtual has joined #openstack		22:08
*** PeteDaGuru has quit IRC		22:10
*** ryker has joined #openstack		22:12
*** amccabe has quit IRC		22:15
*** joearnold has quit IRC		22:25
*** gondoi has quit IRC		22:25
*** neuro_da1age is now known as neuro_damage		22:27
*** jkoelker has quit IRC		22:27
*** jonkelly has quit IRC		22:33
*** pguth_txtual has quit IRC		22:37
*** mgoldmann has quit IRC		22:41
*** mattray has quit IRC		22:42
*** allsystemsarego has quit IRC		22:42
*** ryker has quit IRC		22:44
*** aliguori has joined #openstack		22:45
*** hallyn has quit IRC		22:48
*** joearnold has joined #openstack		23:07
*** aliguori has quit IRC		23:11
*** asdfqwer has joined #openstack		23:12
*** katkee has quit IRC		23:26
*** koolhead17 has quit IRC		23:30
*** koolhead17 has joined #openstack		23:31
*** Ryan_Lane has quit IRC		23:35
*** joearnold has quit IRC		23:37
*** joearnold has joined #openstack		23:41
*** vernhart has joined #openstack		23:43
*** robbiew has left #openstack		23:45
*** heckj has quit IRC		23:55
*** pguth66 has quit IRC		23:59

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!