Wednesday, 2012-06-20

« Tuesday, 2012-06-19 Index Thursday, 2012-06-21 »
*** kindaopsdevy has quit IRC00:00
*** JStoker has quit IRC00:03
*** MarkAtwood has quit IRC00:04
*** adjohn has quit IRC00:10
*** JStoker has joined #openstack00:15
*** sandywalsh has joined #openstack00:19
*** sandywalsh_ has quit IRC00:19
*** Glace has quit IRC00:26
*** warik has left #openstack00:28
*** Aaton is now known as Aaton_off00:29
*** natea has joined #openstack00:29
*** natea has quit IRC00:34
*** MyAzhax has joined #openstack00:40
*** s0mik has quit IRC00:43
uvirtbotNew bug: #1015355 in nova "LoopingCalls in libvirt return immediately" [High,In progress] https://launchpad.net/bugs/101535500:51
*** sae has joined #openstack00:53
*** RamJett has joined #openstack00:53
*** anderstj has joined #openstack00:54
*** sinaNeCTAR has joined #openstack01:00
*** warik_ has joined #openstack01:05
*** nmistry has joined #openstack01:06
*** anderstj has quit IRC01:06
*** mkouhei has joined #openstack01:07
*** ryanpetrello has joined #openstack01:08
*** warik_ has quit IRC01:10
*** matwood has joined #openstack01:10
*** MarkAtwood has joined #openstack01:11
*** vitiho has joined #openstack01:12
*** rods has quit IRC01:13
*** bencherian has quit IRC01:14
*** bencherian has joined #openstack01:17
*** rnorwood has quit IRC01:17
*** dtroyer_zzz is now known as dtroyer01:18
*** adjohn has joined #openstack01:19
*** rods has joined #openstack01:19
*** littleidea has quit IRC01:19
*** littleidea has joined #openstack01:21
*** ryanpetrello has quit IRC01:22
*** vitiho_ has joined #openstack01:24
*** vitiho has quit IRC01:24
*** MarkAtwood has quit IRC01:25
*** nmistry has quit IRC01:25
*** MarkAtwood has joined #openstack01:25
*** jplewi has quit IRC01:26
*** warik has joined #openstack01:26
*** datsun180b has quit IRC01:26
*** jog0_ has joined #openstack01:27
*** zeriouz_ has quit IRC01:27
*** johnpostlethwait has quit IRC01:29
*** jedi4ever has quit IRC01:30
*** bencherian has quit IRC01:31
*** jog0_ has quit IRC01:32
*** kmulvey has quit IRC01:32
*** rods has quit IRC01:33
*** GeorgeH has quit IRC01:36
*** ryanpetrello has joined #openstack01:40
*** jackh has joined #openstack01:43
*** networkstatic has left #openstack01:53
*** Mike656 has joined #openstack01:53
*** edygarcia has joined #openstack01:57
*** Mike656 has quit IRC01:59
*** derchris has joined #openstack02:00
*** cooper_ has joined #openstack02:02
*** osier has joined #openstack02:02
*** freeflying_ has joined #openstack02:03
*** jdurgin has quit IRC02:05
*** warik has quit IRC02:06
*** warik has joined #openstack02:07
*** Leseb has joined #openstack02:11
*** MyAzhax has quit IRC02:12
*** Leseb has quit IRC02:15
*** julianwa has joined #openstack02:16
*** littleidea has quit IRC02:17
*** cooper has quit IRC02:17
*** cooper_ is now known as cooper02:17
*** jcannava has joined #openstack02:17
*** cooper has quit IRC02:17
*** freeflying_ has quit IRC02:19
*** littleidea has joined #openstack02:19
*** markmcclain has joined #openstack02:20
*** adalbas has quit IRC02:20
*** zinjacoder has quit IRC02:24
*** julianwa has quit IRC02:24
*** littleidea has quit IRC02:25
*** julianwa has joined #openstack02:25
*** s0mik has joined #openstack02:26
*** littleidea has joined #openstack02:26
*** littleidea has quit IRC02:26
*** hermy|away is now known as hermy02:27
*** littleidea has joined #openstack02:29
*** freeflying_ has joined #openstack02:29
*** dtroyer is now known as dtroyer_zzz02:32
*** johnpur has quit IRC02:32
*** koolhead17|afk has quit IRC02:32
*** RicardoSSP has quit IRC02:34
*** warik has quit IRC02:38
*** MyAzhax has joined #openstack02:38
*** jcannava has quit IRC02:39
*** jcannava has joined #openstack02:39
*** littleidea has quit IRC02:40
*** agonella has quit IRC02:41
*** julianwa has quit IRC02:41
*** julianwa has joined #openstack02:42
*** miclorb has quit IRC02:49
*** noob has quit IRC02:51
*** rnorwood has joined #openstack02:51
*** julianwa has quit IRC02:51
*** salgado-afk has quit IRC02:53
*** julianwa has joined #openstack02:53
*** sandfish8 has quit IRC02:54
*** blamar has joined #openstack02:57
*** blamar has quit IRC02:58
*** blamar has joined #openstack02:58
*** rmartinelli has joined #openstack03:00
*** MarkAtwood has quit IRC03:05
*** matwood has quit IRC03:05
*** andutros has joined #openstack03:08
*** mnaser has joined #openstack03:09
*** s0mik has quit IRC03:10
*** littleidea has joined #openstack03:10
*** anderstj has joined #openstack03:10
*** nmistry has joined #openstack03:10
*** anderstj has quit IRC03:12
*** leeight_ has joined #openstack03:13
*** s0mik has joined #openstack03:14
*** clopez has quit IRC03:15
*** martin has quit IRC03:16
*** edygarcia has quit IRC03:16
*** julianwa has quit IRC03:17
*** johnpur has joined #openstack03:19
*** ChanServ sets mode: +v johnpur03:19
*** MarkAtwood has joined #openstack03:19
*** johnpur has quit IRC03:19
*** matwood has joined #openstack03:20
*** freeflying_ has quit IRC03:21
*** sandfish8 has joined #openstack03:22
*** martin has joined #openstack03:22
*** vitiho_ has quit IRC03:26
*** vitiho has joined #openstack03:26
*** natea has joined #openstack03:28
*** asalkeld has joined #openstack03:30
*** jedi4ever has joined #openstack03:32
hugokuomorning03:37
hugokuohow's everyone :>03:37
*** rmartinelli has quit IRC03:37
*** KavanS has quit IRC03:39
*** dtroyer_zzz is now known as dtroyer03:39
*** nati_ueno has quit IRC03:40
*** bharata has joined #openstack03:42
*** sandywalsh has quit IRC03:46
*** dwcramer has quit IRC03:47
*** ewindisch has quit IRC03:47
*** osier has quit IRC03:48
*** littleidea has quit IRC03:51
*** rnorwood has quit IRC03:55
*** sae has quit IRC03:59
uvirtbotNew bug: #1015385 in quantum "samplev2plugin shows error while trying to create subnet/networks" [Undecided,New] https://launchpad.net/bugs/101538504:01
*** miclorb has joined #openstack04:03
*** sae has joined #openstack04:03
*** anderstj has joined #openstack04:08
*** hunglin has joined #openstack04:11
*** sae has quit IRC04:12
*** sae has joined #openstack04:14
*** chrisfer has quit IRC04:16
*** natea has quit IRC04:20
*** markmcclain has quit IRC04:22
*** sae has quit IRC04:25
*** dolphm has joined #openstack04:26
*** Abhilash has joined #openstack04:26
*** anderstj has quit IRC04:27
*** metral has joined #openstack04:27
*** Guest7599 has quit IRC04:29
*** metral_ has joined #openstack04:30
*** metral has quit IRC04:31
*** metral has joined #openstack04:31
*** cooper_ has joined #openstack04:31
*** cheako has quit IRC04:32
*** sae has joined #openstack04:32
*** metral_ has quit IRC04:35
*** garyk has quit IRC04:38
*** llang629 has joined #openstack04:39
*** sae has quit IRC04:41
*** freeflying_ has joined #openstack04:41
*** andutros has quit IRC04:43
*** andutros has joined #openstack04:44
*** llang629 has left #openstack04:44
*** vibhav has joined #openstack04:48
*** vibhav is now known as Guest8104904:49
*** hermy is now known as hermy|away04:51
*** dolphm has quit IRC04:53
*** shang has quit IRC04:56
*** cheako has joined #openstack04:56
*** s0mik has quit IRC05:00
*** steveb_ has quit IRC05:00
*** zigo has joined #openstack05:02
*** deepakcs has joined #openstack05:05
*** andrewsben is now known as andrewsben_zz05:07
*** daniele- has quit IRC05:10
*** oneiroi has quit IRC05:10
*** trapni has quit IRC05:11
*** sri_ has joined #openstack05:11
*** daniele- has joined #openstack05:11
*** zykes- has quit IRC05:11
*** oneiroi has joined #openstack05:12
*** trapni has joined #openstack05:12
*** zykes- has joined #openstack05:12
*** adjohn has quit IRC05:25
*** anderstj has joined #openstack05:30
*** Abhilash has quit IRC05:35
*** jcannava has left #openstack05:35
*** ejat has joined #openstack05:35
*** arBmind has joined #openstack05:37
*** Abhilash has joined #openstack05:38
*** adjohn has joined #openstack05:40
*** dtroyer is now known as dtroyer_zzz05:41
*** sae has joined #openstack05:44
*** osier has joined #openstack05:47
*** ejat has quit IRC05:50
*** halfss has joined #openstack05:51
halfssis there anyone migrate tempauth to keystone on swift?05:51
*** mRy has joined #openstack05:52
*** mRy is now known as Guest4465605:52
*** dachary has joined #openstack05:53
*** ejat has joined #openstack05:54
*** erikzaadi has joined #openstack05:56
*** adjohn has quit IRC05:57
*** adjohn has joined #openstack05:57
*** adjohn has quit IRC05:58
*** garyk has joined #openstack05:59
*** hattwick has quit IRC06:01
*** zigo has quit IRC06:02
*** leeight_ has quit IRC06:02
*** vitiho_ has joined #openstack06:03
*** vitiho has quit IRC06:03
*** RamJett has quit IRC06:03
*** adjohn has joined #openstack06:05
*** ryanpetrello has quit IRC06:05
*** leeight_ has joined #openstack06:06
trapnihey. I can connect to VNC on instances on compute node also being the controller. but I cannot connect to instances located on other compute nodes. what could the reason be? Anyone a hint? :)06:08
*** JStoker has quit IRC06:09
*** rocambole has joined #openstack06:11
*** JStoker has joined #openstack06:12
*** andutros has quit IRC06:12
*** halfss has quit IRC06:15
*** blamar has quit IRC06:16
*** shaon has joined #openstack06:19
*** vanchester12416 has joined #openstack06:19
*** anderstj has quit IRC06:19
uvirtbotNew bug: #1015410 in quantum "Some unit tests for Cisco plugin are failing" [High,Confirmed] https://launchpad.net/bugs/101541006:22
*** matwood has quit IRC06:24
*** mindpixel has joined #openstack06:25
*** erikzaadi has quit IRC06:28
*** jbarratt has quit IRC06:29
*** MyAzhax has quit IRC06:29
vanchester12416Hello. Can someone explain me keystone's token flow?06:29
*** MyAzhax has joined #openstack06:29
sri_can someone tell where an instance's password is stored in database06:30
*** nmistry has quit IRC06:31
vanchester12416my timezone is so bad :(06:34
*** dpippenger has quit IRC06:35
*** jbarratt has joined #openstack06:38
*** ttrifonov_zZzz is now known as ttrifonov06:39
trapnivanchester12416: (AFAIK!!) tokens are generated on authentication, and can then be reused for a certain period of time.06:43
vanchester12416traphi, i understand that, thank you. But i want to know what happens on first client's request when there is no token.06:44
vanchester12416i want to know WHO (which module) calls the procedure of it's generation06:45
trapnithat's out of my knowledge, sorry for that.06:46
*** alex88 has joined #openstack06:46
*** alex88 has joined #openstack06:46
vanchester12416np, anyway u tried. thx :)06:46
trapniare you using nova-compute already?06:48
vanchester12416traphi, no i'm using swift06:49
*** adjohn has quit IRC06:49
trapniah06:49
trapniyeah, that's on my roadmap (sometime later)06:49
*** asavu has joined #openstack06:50
vanchester12416now i'm working on keystone - auth system06:51
vanchester12416the question i have is "What guyz do you compute on your Novas?" :)06:52
*** jedi4ever has quit IRC06:52
*** mrjazzcat has quit IRC06:52
*** livemoon has joined #openstack06:53
*** dachary has quit IRC06:53
uvirtbotNew bug: #1015418 in quantum "devstack support for policy.json" [Undecided,Confirmed] https://launchpad.net/bugs/101541806:56
*** prakasha-log has joined #openstack07:00
*** chasmo has quit IRC07:01
*** etnt has joined #openstack07:01
*** etnt has quit IRC07:02
*** etnt has joined #openstack07:02
*** chasmo has joined #openstack07:03
*** Triade has joined #openstack07:03
*** asavu has quit IRC07:05
*** metral has quit IRC07:09
*** Leseb has joined #openstack07:12
trapnihmm. Does anyone know why I can connect to VNC on one compute node but not to VNC on other compute nodes? (via nova get-vnc-console nor dashboard) ?07:13
*** erikzaadi has joined #openstack07:14
livemoonhi07:17
livemoonhow can make keystone use ssl?07:18
*** Leseb has quit IRC07:18
*** reidrac has joined #openstack07:18
*** erikzaadi has quit IRC07:19
*** arBmind has quit IRC07:19
*** erikzaadi has joined #openstack07:19
*** Leseb has joined #openstack07:20
uvirtbotNew bug: #1015423 in nova "xenapi ImageTooLarge exception leaves VDI around" [Undecided,New] https://launchpad.net/bugs/101542307:21
*** freeflying_ has quit IRC07:23
vanchester12416livemoon, i didn't try, but look at etc/keystone.conf.sample file. There is ssl section in it07:23
*** arBmind has joined #openstack07:26
*** mnaser has quit IRC07:30
trapnianyone here using VNC console access in multi-node setups?07:40
*** freeflying_ has joined #openstack07:42
*** vanchester12416 has quit IRC07:42
*** freeflying_ has quit IRC07:42
*** Abhilash has quit IRC07:42
*** Abhilash has joined #openstack07:44
*** Stratisphere has joined #openstack07:47
livemoonvanchester12416, thanks07:47
StratisphereMorning all. I've got a bit of a newb question regarding "cloud" computing (and therefore, openstack)...07:48
StratisphereI get the whole idea behind cloud... always available instances of whatever. But i'm slightly confused to what to the end user, it provides. I.e. is openstack similar to amazon in the sense that it basically provides you with a virtual machine?07:48
trapniShould novncproxy_base_url point to the IP of the cloud controller (where novnc-proxy is running) or to every compute nodes management IP?07:52
*** ramjett has joined #openstack07:52
*** pixelbeat has joined #openstack07:55
*** darraghb has joined #openstack07:56
*** hattwick has joined #openstack07:58
*** primozf has joined #openstack08:00
*** pnavarro has quit IRC08:00
*** freeflying_ has joined #openstack08:02
*** befreax has joined #openstack08:02
*** dachary has joined #openstack08:05
*** Free_maN has joined #openstack08:05
*** Free_maN has joined #openstack08:05
*** nacx has joined #openstack08:06
*** comstud has quit IRC08:13
*** comstud has joined #openstack08:13
hugokuodoes anyone know about how to export bugs list/contents from launchpad ....?08:16
*** miclorb has quit IRC08:17
*** notze has joined #openstack08:18
*** davepigott has joined #openstack08:19
*** notze has quit IRC08:20
*** jobycxa has joined #openstack08:23
*** zigo has joined #openstack08:24
*** Triade has quit IRC08:25
*** Triade has joined #openstack08:25
*** Triade has quit IRC08:29
*** Triade1 has joined #openstack08:29
*** jgruber has joined #openstack08:30
*** popux has joined #openstack08:32
*** trapni has quit IRC08:34
*** trapni has joined #openstack08:34
*** jgruber has quit IRC08:37
*** Abhilash has quit IRC08:37
*** notze has joined #openstack08:38
*** msavy has joined #openstack08:44
*** asavu has joined #openstack08:49
chrisgi dont think that openstack-db is great in the way it checks to see if mysql-server is installed08:50
chrisgwhats the procedure for recommending updates to stuff in particular parts of openstack?08:50
uvirtbotNew bug: #1015453 in nova "instance nwfilter has no MAC parameter in dom definition file" [Undecided,New] https://launchpad.net/bugs/101545308:51
chrisgbasically because we use percona here, and that provides mysql-server, but when I try and use the openstack-db helper script, it doesn't see we've already got a mysql server08:53
mikalchrisg: are you using distro packages? If so, you probably want to file a bug with your distro...09:00
chrisgi'm using percona09:03
chrisgit's provided by them09:03
chrisgthey call it percona-server09:03
chrisgnot mysql-server09:04
chrisgthey also name the init script differently :\09:04
chrisghttp://pastie.org/411939809:04
chrisgseems to work09:04
chrisgbut yeah percona-server rpm "provides" mysql-server09:05
*** bbcmicrocomputer has joined #openstack09:07
*** freeflying_ has quit IRC09:10
*** ramjett has left #openstack09:14
*** Trixboxer has joined #openstack09:14
*** dachary has quit IRC09:14
*** shadower has joined #openstack09:16
*** keruspe has joined #openstack09:16
*** pretec has joined #openstack09:18
etntrunning 'nova-network -dv' gives me: ERROR nova.rpc.common [-] AMQP server on 192.168.1.172:5672 is unreachable: Socket closed09:20
etntbut with wireshark I can see that it start exchanging messages with rabbitmq, anyone seen this before?09:21
uvirtbotNew bug: #1015462 in nova "openstack-db script Percona compatibility issue" [Undecided,New] https://launchpad.net/bugs/101546209:21
etntbtw, I've been trying for three days to get openstack up and running...has anyone been able to follow the docs recently with a successful outcome ?09:23
*** Ryan_Lane has quit IRC09:25
keruspeWhich part of a vm creation does create its disk ?09:29
keruspeIt seems to be (maybe !) the last thing failing here to get a functionnal openstack install09:29
keruspe(It only creates a 6.1MB file as the disk, and the vm doesn't get defined in libvirt)09:30
*** alex88 has quit IRC09:31
*** miclorb has joined #openstack09:37
*** jongleur has joined #openstack09:39
*** popux has quit IRC09:41
jongleurHi. I followed the walkthrough of hastexo now to install openstack and everything works fine up to starting the first VM. The startup fails with nova show myfirstVM showing as fault a "RemoteError" code 500. any idea what could be wrong and how to find a solution?09:51
*** jackh has quit IRC09:51
*** uksysadmin has joined #openstack09:53
uksysadming'day all09:53
uksysadminAny NetApp folk lurking around?09:54
chrisgi'm yet to get my dfm license09:54
chrisgso i havent tested teh netapp driver yet09:54
uksysadminI noticed an interesting netapp.py piece in nova-volume... raising eyebrow...09:54
chrisgnetapp have this lovley policy where you get dfmserver/opcommander by default but you need to request it09:54
chrisgwhich takes time09:54
chrisgwhat raised your eyebrow, uksysadmin ?09:55
*** Samos123 has joined #openstack09:56
Samos123Hi, im working on a small monitoring tool collecting data with libvirt and collectd, now I wanna create a small webservice in horizon which returns the xml data of rrdtool xport. I created a django app instead of the suggested dashboard way as I want to make this independent of a dashboard. Is this ok?09:58
Samos123I can think it may not be secure to do it this way as I'm bypassing horizon kind of09:59
*** matwood has joined #openstack09:59
*** Stratisphere has quit IRC10:03
*** mkouhei has left #openstack10:05
uksysadminSo in response to netapp.py - given nova-volume is a SPOF, anything to reduce this risk.10:05
*** SvenDowideit has quit IRC10:10
*** tty has joined #openstack10:13
*** GheRivero has quit IRC10:13
*** GheRivero has joined #openstack10:13
ttyhey. is there a simple explanation why server1, server2 and client1 are required for openstack installation according to the doc.? Is this mentioned in the doc? It seems to elude some major hints as i've said.10:16
*** ywu has quit IRC10:19
*** miclorb has quit IRC10:20
uksysadmintty, explain?10:21
*** Ryan_Lane has joined #openstack10:22
ttyuksysadmin: i mean why is server2 important? to show the nova scaling to more resources?10:22
*** supriya has joined #openstack10:22
*** clopez has joined #openstack10:23
uksysadmintty, can you point me to the doc?10:23
ttyuksysadmin: http://docs.openstack.org/essex/openstack-compute/starter/content/Introduction-d1e390.html10:23
uksysadmintty, I can only presume that people want to make sure their environment doesn't fail when server1 dies10:23
ttylet alone images that are "broken"10:24
ttythe starter guide uses server1 and server2.10:24
uksysadmintty, they're telling you that a typical "start" environment is one server has everything on, and the second is demonstrating that you can scale-out easily with compute by just adding extra compute nodes10:24
ttyuksysadmin: heap. that's what i thought.10:25
ttyyeap*10:25
*** livemoon has quit IRC10:26
uksysadminShame the page is broken - but that's what they're trying to portray10:29
uksysadmintechnically you can run ALL OpenStack services on a single VM if you fancy a play/dev10:30
*** zigo has quit IRC10:30
*** clopez has quit IRC10:33
trapniHey. I can only connect to vnc-console of the nova-compute hosts that's also the controller node. any other instance on any other compute node fails (I'm using noVNC) - I searched the docs, and tried filling the values in nova.conf right. but still, I can't connect. Can anybody give me a hint, here?10:36
*** miclorb has joined #openstack10:37
*** zinjacoder has joined #openstack10:39
ttyuksysadmin: i see. so, client1 is required only to connect to server1 and manage images etc richt?10:39
ttyright*10:39
uksysadminyeah - its a client - your laptop, or vm will do10:40
uksysadminwill be the thing to run the nova commands or euca2ools10:40
ttyi see that ntp is required to sync with the server1 clock? why is that? can i skip client1?10:40
uksysadminntp is a requirement for multi-node10:40
ttylike server2 where you "sync" to server1 ntp clock right?10:41
uksysadminyeah10:41
*** ejat has quit IRC10:41
uksysadminthe times need to be in sync by about 5 seconds for multi-node to work - else you get XXX intermittently, or permanently for available services10:41
ttyand is it reuiqred for there client to sync to server1?10:41
uksysadminno - dont' need client to sync - but its just good practice so that you can troubleshoot easily10:42
*** littleidea has joined #openstack10:48
ttyok.10:49
ttyso connecting to server1 via ssh or web interface should be ok.10:50
*** popux has joined #openstack10:50
*** camm has quit IRC10:50
*** camm has joined #openstack10:51
*** vanchester12416 has joined #openstack10:53
ttyuksysadmin: what about the client tools required to client1. should i set up the exports on my laptop before connecting to server1/etc?10:55
ttyi suppose no10:55
*** SvenDowideit has joined #openstack10:58
*** tty has quit IRC11:00
*** gongys has quit IRC11:02
*** leeight_ has quit IRC11:02
uksysadmintty, yes if you're using the command line you need your ENV set up accordingly11:06
*** osier has quit IRC11:06
*** sae has quit IRC11:07
*** vanchester12416 has quit IRC11:08
*** vanchester12416 has joined #openstack11:08
*** deepakcs has quit IRC11:10
*** vrturbo has joined #openstack11:10
*** rmartinelli has joined #openstack11:17
*** tty has joined #openstack11:17
*** wariola has quit IRC11:18
*** alexn6 has joined #openstack11:19
*** never2far has quit IRC11:20
*** wiliam has joined #openstack11:21
*** alex88 has joined #openstack11:22
*** alex88 has joined #openstack11:22
*** zul has quit IRC11:23
*** arBmind has quit IRC11:26
*** shang has joined #openstack11:28
*** jgruber has joined #openstack11:28
*** DavidLevin has quit IRC11:30
*** clopez has joined #openstack11:32
*** zul has joined #openstack11:33
uvirtbotNew bug: #1015516 in openstack-manuals "typo in networking dhcpoption" [Undecided,New] https://launchpad.net/bugs/101551611:35
*** shang has quit IRC11:35
uvirtbotNew bug: #1015512 in ceilometer "dhcpoption typo" [Undecided,New] https://launchpad.net/bugs/101551211:36
*** saschpe has quit IRC11:40
*** ewindisch has joined #openstack11:40
*** saschpe has joined #openstack11:42
*** natea has joined #openstack11:47
*** ewindisch has quit IRC11:53
*** chrisfer has joined #openstack11:55
*** zigo has joined #openstack11:55
*** ahasenack has joined #openstack11:59
*** littleidea has quit IRC12:00
*** agonella has joined #openstack12:01
*** popux has quit IRC12:07
*** arBmind has joined #openstack12:10
*** dolphm has joined #openstack12:11
*** salgado has joined #openstack12:11
*** cooper_ has quit IRC12:12
*** natea has quit IRC12:13
*** supriya has quit IRC12:15
*** zul has quit IRC12:16
*** asavu has quit IRC12:16
*** vrturbo has quit IRC12:17
*** drewlander has joined #openstack12:18
*** Guest81049 is now known as vibhav12:19
vanchester12416oh, hi dolphm, i have questions :)12:20
dolphmvanchester12416: go for it12:21
uvirtbotNew bug: #1015535 in devstack "Propose to stop a specified service with unstack.sh" [Undecided,New] https://launchpad.net/bugs/101553512:21
*** miclorb has quit IRC12:21
*** eglynn__ has quit IRC12:22
*** nethope has joined #openstack12:23
*** eglynn__ has joined #openstack12:25
*** dtroyer_zzz is now known as dtroyer12:27
vanchester12416dolphm, So, i've looked on swiftauth and token_auth middleware and i have a question about it's work. The swiftauth middleware embeds in swift's pipeline and after getting request it makes request [POST, GET] /tokens to separated keystone server, isn't it?12:29
*** jedi4ever has joined #openstack12:29
dolphmvanchester12416: it should only be using GET /tokens at that point, but yet12:29
dolphmyes*12:29
vanchester12416dolphm, isn't it creates tokens? who else?12:30
dolphmvanchester12416: what do you mean?12:30
vanchester12416who makes POST /tokens request? i'm still don't understand :)12:31
dolphmvanchester12416: the user does that themselves12:32
dolphmvanchester12416: (exchanging credentials .. username + password usually .. with the keystone server for a token ID)12:33
vanchester12416i.e. we use swift12:33
dolphmvanchester12416: then the middleware protecting swift simply validates the provided token with keystone as well12:33
*** DavidLevin has joined #openstack12:33
agonellaHi, Im running a compute-controller + compute+node, and I already launched one instance based on linux iso. When I tried to launch a second instance, it can not start, it says that instance status is ¨error¨and task status ¨scheduling¨. I m running over QEMU. Any idea?12:34
vanchester12416dolphm, wait a sec, ain't client makes only GET /acc/cont/obj etc request?12:34
*** dachary has joined #openstack12:34
dolphmvanchester12416: ?12:35
vanchester12416i'm lost again)12:35
*** mikal has quit IRC12:35
vanchester12416dolphm, i expect that swift client makes only GET /a/c/o request, isn't it?12:35
*** dachary has quit IRC12:35
*** bharata has quit IRC12:35
*** dachary has joined #openstack12:36
dolphmvanchester12416: the specific request being made to swift doesn't matter, unless it doesn't pass through a pipeline protected by auth_token12:36
dolphmvanchester12416: i'm logging off for now, will be back on in about an hour12:36
*** dolphm has quit IRC12:36
*** mikal has joined #openstack12:37
*** markvoelker has joined #openstack12:37
agonellaHi, Im running a compute-controller + compute+node, and I already launched one instance based on linux iso. When I tried to launch a second instance, it can not start, it says that instance status is ¨error¨and task status ¨scheduling¨. I m running over QEMU. Any idea?12:38
*** Glace has joined #openstack12:39
*** never2far has joined #openstack12:43
*** zigo has quit IRC12:46
*** vanchester12416 has quit IRC12:46
*** jackh has joined #openstack12:47
*** jongleur1 has joined #openstack12:47
*** jongleur has quit IRC12:47
*** jackh has quit IRC12:48
*** jobycxa has quit IRC12:48
*** jackh has joined #openstack12:49
*** ejat has joined #openstack12:52
*** hggdh has quit IRC12:53
*** h0cin has joined #openstack12:53
*** vanchester has joined #openstack12:55
*** DavidLevin has quit IRC12:55
*** hggdh has joined #openstack12:55
*** sandywalsh has joined #openstack12:56
*** nacx has quit IRC12:56
jongleur1I have a problem with the network configuration. I'm trying to set up a single-host openstack cloud following the install walkthrough published by hastexo.com http://hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin .12:59
*** NashTrash has joined #openstack12:59
*** befreax has quit IRC13:00
jongleur1my host machine only has one physical ethernet card. Therefore I followed the comment to use an ethernet alias eth0:1 instead of eth1, but now restarting the nova services breaks the network connection to the outside. Any idea how to do it? Or do I have to add a second physical ethernet card13:00
*** mindpixel has quit IRC13:01
*** davepigott has quit IRC13:02
*** davepigott_ has joined #openstack13:02
*** iccha has joined #openstack13:03
*** mindpixel has joined #openstack13:03
*** c0t0d0s0 has joined #openstack13:04
*** lborda has joined #openstack13:04
*** abniyi has joined #openstack13:05
abniyihi13:05
abniyii have a problem with nova13:05
*** lazyshot has joined #openstack13:05
abniyican someone be of help please13:06
abniyinova-manage service list is empty13:07
*** adalbas has joined #openstack13:07
*** markmcclain has joined #openstack13:07
abniyiis there anyone here to help13:08
abniyiwith nova13:08
*** dachary has quit IRC13:08
*** marrusl has joined #openstack13:09
*** hunglin has quit IRC13:09
*** robix has quit IRC13:09
*** nacx has joined #openstack13:09
*** mindpixel has quit IRC13:10
abniyihey13:10
abniyiany body to help13:10
evil_steveabniyi: it's porbbaly an idea to wait more than 2 minutes between asking if people can help you13:10
abniyithanks13:10
*** taupen has joined #openstack13:11
uvirtbotNew bug: #1015555 in openstack-manuals "Quantum docs no longer linked at docs.openstack.org" [Undecided,New] https://launchpad.net/bugs/101555513:11
abniyihey steve13:12
*** joesavak has joined #openstack13:12
*** dachary has joined #openstack13:12
abniyican you help please13:12
chrisgit's amazing the little things you forget about vi(m) that make it so amazing (i.e. ctrl-A)13:13
*** sandywalsh_ has joined #openstack13:13
*** sandywalsh has quit IRC13:13
*** DavidLevin has joined #openstack13:14
*** rods has joined #openstack13:14
abniyinova-manage service list showing nothing13:15
*** koolhead11 has joined #openstack13:15
*** stuntmachine has joined #openstack13:15
abniyihas anyone encounter this problem where nova-manage service is not showing any service13:16
*** roge has joined #openstack13:16
koolhead11hi all13:16
*** esm has joined #openstack13:17
*** esm is now known as Guest5031813:17
NashTrashchmouel: Are you around by any chance?13:18
*** noob has joined #openstack13:18
NashTrashabniyi: Do you have any services that should be showing up there?13:18
NashTrashscheduler, network, compute, etc..13:19
abniyiyes nashtrash13:19
abniyiI have restart all the services13:19
NashTrashabniyi: Do you see them in the database table?13:19
*** KarinLevenstein has joined #openstack13:19
NashTrashand, have they ever been there?13:19
noobzynzel: you around?13:19
abniyilet me check please13:19
abniyithis really strange13:20
*** zul has joined #openstack13:20
abniyithere is no table in the nova database13:20
chmouelNashTrash: yes13:20
noobi'm getting an error in the openstack dashboard when i click on the user list.  it says unable to retrive user list.  anyone know where i should look for what to change?13:20
abniyii have ran nova-manage db sync13:20
koolhead11abniyi: did you executed dbsysnc commanf13:20
NashTrashchmouel: I am still running into that Swift3 problem.  It looks like you found some issues with the Swift3 version from github.13:21
koolhead11did it gave any error13:21
*** DavidLevin has quit IRC13:21
abniyiyes i did13:21
NashTrashabniyi: Are there any tables in the DB?13:21
chmouelNashTrash: could you import that python module which made error?13:22
jongleur1koolhead11: Hi. You pointed me to the openstack install guide on  hastexo.com, right; thanks for that - I'm a few steps further now ;)13:22
*** ryanpetrello has joined #openstack13:22
NashTrashchmouel: Have not tried manual import yet.  My python foo is not strong.13:22
koolhead11abniyi: did you modified nova.conf to listen to mysql db ?13:22
abniyiyes13:22
koolhead11jongleur1: welcome. kepp blogging and spread the word :D13:22
chmouelNashTrash:  I think I copied you a paste last night which showed you how to do that13:23
jongleur1koolhead11: well... I have one problem left, probably you have an idea there, too: I have only one physical ethernet adapter and therefore tried to use the hint given in one comment of that walkthrough: to use eth0:1 with the internal ip adress.13:23
abniyithe tables is still empty13:23
abniyinova database is empty13:24
abniyino table recorded13:24
NashTrashchmouel: If you still have the paste around, please send it my way again. I can't seem to find it.  Thanks.13:24
jongleur1now it always breaks down the public network connection (and with that the ssh shell) when I try to restart the nova services. Any idea how to solve that without attatching a second ethernet device to the hardware?13:24
chmouelNashTrash: I don't :( give me the error again so I can show you I can't remember which module was bugging you13:25
*** eric_ has joined #openstack13:25
koolhead11jongleur1: unfortunately am no network guru, probably uksysadmin will help :D13:25
jongleur1uksysadmin: an idea? ;)13:25
NashTrashabniyi: It sounds like your DB settings in nova.conf are not right.  Do you get any error messages in nova-manage.log?13:25
*** lts has joined #openstack13:25
NashTrashchmouel: Here is the error I get when I try to start up 1.4.8 on 12.04 with the latest Swift3 from github: http://paste.openstack.org/show/18644/13:26
*** natea has joined #openstack13:27
chmouelNashTrash: did you change to swift3#swift3 like I was telling you last night?13:27
*** eric_ has quit IRC13:27
chmouelNashTrash: instead of swift3#middleware13:27
NashTrashMy proxy-server.conf looks like this: http://paste.openstack.org/show/18645/13:27
*** sandywalsh_ has quit IRC13:27
abniyithe only error in the nova-manage.log is debug nova.utils[-] backend <module 'nova.db.sqlachemy.migration.....13:28
chmouelNashTrash: line 52 change to swift3#swif3 instead of swift3#middleware13:28
NashTrashchmouel: Yes, and when I do that I get the following: http://paste.openstack.org/show/18646/13:28
chmouelnashtrash: yeah so now do a python and at the command line prompt type/paste this     from swift.common.wsgi import WSGIContext13:29
*** vanchester has quit IRC13:29
chmouelNashTrash: if you have an error then it means you have an installation problem probably need to see with the ubuntu packagers13:29
NashTrashchmouel: Hmm…Ok.  I will give it a try.  Thanks for the help.13:31
*** markmcclain has quit IRC13:31
*** markmcclain has joined #openstack13:31
*** sandywalsh has joined #openstack13:31
*** edygarcia has joined #openstack13:32
*** japage has joined #openstack13:32
*** realnorth has joined #openstack13:34
*** vanchester has joined #openstack13:35
realnorthanyone able to help with an "Internal Server Error" upon logging into the OpenStack Dashboard?13:35
*** dachary has quit IRC13:35
realnorthKeystone.log reports a deprecated method13:35
koolhead11realnorth: does apache log says anything?13:35
realnorthhaven't checked the apache logs only nova logs13:36
NashTrashchmouel: It is a no go from the python shell.  It too gives me a 'ImportError: cannot import name WSGIContext' error13:36
*** mnaser has joined #openstack13:36
*** dtroyer is now known as dtroyer_zzz13:37
chmouelNashTrash: which version of swift?13:37
notmynamechmouel: NashTrash: swift 1.4.8 should be using the included swift3. use the external swift3 with swift 1.5.013:37
NashTrashnotmyname: chmouel: Ok, how do I switch it to the internal version of swift3?13:38
*** ewindisch has joined #openstack13:38
*** vanchester has quit IRC13:39
*** vanchester has joined #openstack13:39
realnorthchecked the apache logs get "No handlers could be found for logger "openstack_dashboard" "13:40
notmynamethe "use =" line in the swift3 section should be egg:swift#swift313:41
koolhead11realnorth: what are u running devstack13:41
realnorthbut that was yesterday and I've tried logging in since then13:41
realnorthno installed using the openstack compute starter guide13:42
noobdoes anyone know what perms are needed in mysql for the nova user?13:42
noobi keep getting access denied13:42
*** jedi4ever_ has joined #openstack13:42
*** DavidLevin has joined #openstack13:42
realnorthcreated a node with everything but openstack-volume13:42
*** dubsquared has joined #openstack13:42
*** jedi4ever has quit IRC13:43
*** jedi4ever_ is now known as jedi4ever13:43
*** dolphm has joined #openstack13:43
*** dubsquared has quit IRC13:43
*** dolphm_ has joined #openstack13:43
*** vladdy has quit IRC13:44
*** jongleur1 has quit IRC13:44
*** shang has joined #openstack13:45
*** etnt has quit IRC13:45
*** sri_ has quit IRC13:45
*** jongleur has joined #openstack13:45
*** etnt has joined #openstack13:45
realnorthany ideas?13:46
realnorthI'm installing on Ubuntu 12.0413:47
*** asavu has joined #openstack13:47
*** shang has quit IRC13:47
*** shang has joined #openstack13:48
*** dprince has joined #openstack13:48
*** dolphm has quit IRC13:48
vanchesterdolphm_, are you free to speech?13:49
dolphm_vanchester: yep, i'm back13:50
*** vladdy has joined #openstack13:50
zynzelnoob: yes13:50
*** dtroyer_zzz is now known as dtroyer13:51
vanchesterdolphm_, cool. So another question is about example of middleware for remote authentication, like AD or OpenID, do you know some?13:51
dolphm_vanchester: the middleware wouldn't handle that; that would be handled by a keystone driver on the keystone service itself13:51
*** jedi4ever has quit IRC13:51
noobzynzel: hey :)13:52
*** dubsquared has joined #openstack13:52
noobzynzel: i'm having an issue with the openstack dashboard where the user list and projects just times out13:52
noobzynzel: i granted ALL on *.* to nova in the database13:52
*** pretec has quit IRC13:53
zynzelnoob: check keystone endpoints :)13:53
noobzynzel: ok.13:53
vanchesterdolphm_, will it? As i understand the middleware used when we have no full access to users database (as OpenID) but identity backends used when we create ourself database (i.e. of using LDAP server)13:53
zynzelespecialy admin url in identify service13:53
noobzynzel: what do the keystone endpoints mean?13:53
zynzelespecialy check if you have port 35357 and not 500013:53
vanchesterby full access i mean read and Write13:53
*** ejat has quit IRC13:54
zynzelnoob: url for services in openstack13:54
*** rnorwood has joined #openstack13:54
alex88hi guys, i'm trying to create a new network, but i get http://pastebin.com/hrSKpMEL , any idea?13:54
noobzynzel: ok that would make sense. it's prob trying to hit the wrong url13:54
zynzelalex88: what db are you using?13:55
zynzelsqlite?13:55
dolphm_vanchester: that's not true at all; everyone needs auth_token middleware if they want keystone authentication to protect other services, and you'll need an identity backend of some kind to feed keystone, regardless of the implementation13:55
*** osier has joined #openstack13:55
*** hggdh has quit IRC13:55
noobzynzel: yes the endpoints def look wrong.13:55
alex88zynzel, in nova.conf i have --sql_connection=mysql://novadbadmin:password@10.8.0.1/nova13:56
uksysadminjongleur, what's up?13:56
zynzelalex88: nova-manage service list works?13:56
alex88zynzel, same error13:56
koolhead11realnorth: around buddy?13:57
vanchesterdolphm_, i'm not sure that i understand you. Now i don't touch auth_token middleware, i just speak about logic of keystone13:57
zynzelalex88: try mysql -u novadbadmin -h 10.8.0.1 -p nova13:57
abniyinova-manage db sync does not create tables in the database13:57
zynzeland enter password from config13:57
realnorthI'm here13:57
zynzelif it dont work, check credentials/ip13:58
dolphm_vanchester: alright, then what's your question?13:58
alex88zynzel, connects and db nova has tables13:58
*** hggdh has joined #openstack13:58
*** rnorwood has quit IRC13:58
jongleuruksysadmin: I have only one pysical ethernet card in the one and only host for my openstack installation. for the internal network of the VMs I tried to add eth0:1 as a virtual network adapter, but since the hosts network breaks whenever I start the nova services. any idea how to get a virtual network adapter that does not break the physical eth0, without the need to install a second pysical eth card?13:58
*** rnorwood has joined #openstack13:59
alex88jongleur, i created a tap device and used that one13:59
vanchesterdolphm_, do we use backend when we manage ourself users database but middleware when we authorize through remote services like OpenID and AD?13:59
vanchestersry for english14:00
alex88jongleur, using vde_tunctl you can create a virtual device that you'll attach later on other servers if you have only 1 interface on them14:00
alex88zynzel, also it says check log, but the only log it writes is on stdout14:00
dolphm_vanchester: you will use middleware, regardless14:01
dolphm_vanchester: and you will use backend drivers in keystone, regardless14:01
dolphm_vanchester: they're not somehow interchangable or applicable to conflicting use cases14:01
jongleuralex88: could be what I searched for, thanks. Will try that as soon as I get physical access to the server again (to fix the network that broke down now...)14:02
*** zynzel has quit IRC14:02
*** zynzel has joined #openstack14:02
vanchesterdolphm_, of course. But i though it's enough to use one of them for that.14:02
*** rnorwood has quit IRC14:02
alex88jongleur, i used that on some servers @ ovh and it worked fine to create a virtual network between them14:03
uksysadminjongleur, you want your public and private on the same interface?14:03
uksysadminyou don't need to add an alias for that14:03
alex88zynzel, it seems ilk it's still searching for file db right?14:03
zynzelalex88: probably yes14:03
zynzelcheck /etc/nova permissions14:03
*** Guest44656 has quit IRC14:04
dolphm_vanchester: enough of what to use one of what for what? be more specific14:04
jongleuruksysadmin: not necessarily, I think, the TUN/TAP solution proposed by alex88 will be fine, too. Using the same interfaces was proposed by a commenter on the hastexo guide as a working solution14:04
*** Guest44656 has joined #openstack14:04
alex88/etc/nova has 700, user is nova14:04
uksysadminjongleur, http://docs.openstack.org/trunk/openstack-compute/admin/content/configuring-flat-networking.html14:04
zynzelalex88: and /etc/nova/nova.conf ?14:05
uksysadminjongleur, I've never used a set up that used a single interface - I can only presume for testing?14:05
alex88zynzel, 644 nova:nova14:05
koolhead11alex88: hey14:05
jongleuruksysadmin: it's a small one-host cloud for testing, yes14:05
zynzelalex88: change it to 60014:05
vanchesterdolphm_, my target is implementation of AD authorization, that's it.14:05
* koolhead11 finds some of the old folks have disappeared from the channel14:05
alex88zynzel, now?14:05
alex88still not working14:05
alex88hi koolhead1114:05
koolhead11alex88: it will work am sure :)14:06
alex88koolhead11, what? :)14:06
vanchesterdolphm_, so, i'm looking for opportunities in keystone's middleware and backends14:06
koolhead11after the chown magic :D14:06
*** Gordonz has joined #openstack14:06
vanchesterdolphm_, in middleware for now14:07
koolhead11alex88: long time BTW14:07
dolphm_vanchester: have you looked at keystone.identity.backends.ldap?14:07
zynzelalex88: well14:07
zynzelstrange.14:07
alex88koolhead11, nope it didn't :( btw, sorry, i don't remember :(14:07
koolhead11:)14:07
uksysadminkoolhead11, they've gone off to openstack-dev I suspect...14:07
koolhead11uksysadmin: +1 :)14:07
alex88zynzel, don't get mad with me.. i was missing sudo in nova-manage :S14:08
zynzelalex88: lol.14:08
sstentanyone know if there is away to get pat the current devstack lesscss bug?  https://bugs.launchpad.net/devstack/+bug/101473514:08
vanchesterdolphm_, yes, but there is one feature in it - it stores the whole information including roles and tenants in formatted database, managed by cloud owner.14:09
dolphm_vanchester: you can write your own however you wish, i'm just pointing it out as a reference14:09
alex88zynzel, sorry for that14:09
zynzelno problem :)14:09
*** rnorwood has joined #openstack14:09
koolhead11sstent: why don`t you use Essex branch if your not testing using devstack14:10
marruslquestion:  how can you limit the block of fixed addresses so that, for example, you're using a /24 but don't want it to hand out anything below .10 ?14:10
abniyinova-manage db syn does not write tables in the database any idea on how to solve this14:10
marrusl--flat_network_dhcp_start doesn't seem to work any more14:11
keruspeI have a disk with a "raw" format stored in glance. If I use it as an argument to "nova boot", it only creates a 6.1MB file instead of the expected file in the instance-XXXXXXX dir (the file in _base is ok) and it tags it as "qcow2" in the libvirt.xml file14:11
keruspeWhy does this happen ?14:11
vanchesterdolphm_, but AD is often used as a storage for manies of services so we have no opportunity to change it. We can only check credentials.14:11
*** Guest50318 has quit IRC14:12
sstentkoolhead1: just trying to test the latest master branch, and found this bug. just wanted to know if there was any asy resolution14:12
dolphm_vanchester: great, then you only have to implement keystone.identity.core.Driver.authenticate()14:12
* alex88 likes all smiles in service list after first try install14:12
noobzynzel: success!  the dashboard works now!14:12
koolhead11sstent: check the buglist and if not available file it :D14:12
dolphm_alex88: ui design ftw14:12
* koolhead11 hi5 noob :)14:13
noobwoo!14:13
uksysadminmarrusl, you can manually edit the database, or split the 24 into something other than a 24 (25 and use 128 addresses, say)14:13
alex88dolphm_, true that ;)14:13
*** zigo has joined #openstack14:13
uksysadminmarrusl, I also noticed a "reserved" column in the db too14:13
noobkoolhead11: my dashboard still spins when i click on the projects tab but everything else works now14:13
sstentkoolhead1: the bug is there and it looks like a missing dependency, jsut not sure what needs to be installed  https://bugs.launchpad.net/devstack/+bug/101473514:13
vanchesterdolphm_, but there is a question about architecture :) shouldn't i implement it like a middleware since we don't store credentials?14:14
zynzelnoob: great14:14
uksysadminwhich OpenStack uses to reserve the first couple of IPs for VPN and route for guests14:14
koolhead11sstent: if you can find the pip dependancy add it as comment :)14:14
marrusluksysadmin, yeah, ok.  that makes some sense.  I *hate* it when the answer is "edit the database".  :)14:15
koolhead11marrusl: :D14:15
marrusluksysadmin, we're weighing the other approach (smaller net) too.  Thanks!14:15
dolphm_vanchester: the existing architecture works pretty well; re-implementing all of keystone as middleware is certainly do-able, but i don't see what it buys you other than saving a LAN connection and a lot of extra work14:16
uksysadminmarrusl, unfortunately it is a sticking point - the tools used sometimes don't cover all use-cases, whereas a hack will. Not ideal and noted at the design summit.14:16
vanchesterdolphm_, i won't re-implement keystone. There is no AD authentication system, LDAP works different.14:19
dolphm_vanchester: sure14:19
*** Gordonz has quit IRC14:20
dolphm_vanchester: were you planning on contributing your effort back to keystone?14:20
vanchesteryes14:20
evil_steveabniyi: please do not private message me asking for help.14:20
*** Gordonz has joined #openstack14:20
*** realnorth has quit IRC14:20
Ryan_Lanevanchester: AD is different than what? LDAP?14:21
dolphm_vanchester: i'm going to suggest implementing keystone.identity.core.Driver then14:21
vanchesterRyan_Lane, nope, implementation of LDAP backend is different than AD usage methods expects14:22
vanchesteroh, guys, sorry for my english :)14:23
Ryan_Laneso, you mean the schema is different14:23
Ryan_Lanebecause AD is LDAP14:23
Ryan_Laneare the attributes and objectclasses hardcoded in keystone?14:23
*** ccorrigan has quit IRC14:23
dolphm_vanchester: you can also just extend the LDAP implementation14:24
vanchesterRyan_Lane, something like that. It's normal for AD not to change existing schema if we already have ifrastructure, but other LDAP-servers are more free for that. Am I right?14:24
vanchesterRyan_Lane, yes they are14:25
* Ryan_Lane groans14:25
vanchesteroh, wai... or no...14:25
Ryan_Lanevanchester: well, keystone doesn't use custom schema14:25
Ryan_Laneit uses a standard one14:26
Ryan_Laneof course, AD may not use that standard (which would be normal for AD)14:26
* Ryan_Lane hates AD14:26
vanchesterRyan_Lane it use custom chema14:27
*** cooper has joined #openstack14:27
Ryan_Lanekeystone does/14:27
vanchesteror i don't understand what custom is14:27
Ryan_LaneI'm pretty sure keystone does not use a custom schema14:27
Ryan_Lanelemme look14:27
*** dachary has joined #openstack14:27
*** chuck_ has joined #openstack14:28
vanchesterhttp://adam.younglogic.com/2012/02/openstack-keystone-ldap-redux/14:28
noobzynzel: is there another endpoint to configure when you click on the projects tab in the dashboard?14:28
noobzynzel: in the admin tab the projects list but when i click on the tab it just stalls14:28
*** rnorwood has quit IRC14:29
vanchesterdolphm_, extending is first what i was thought about14:29
*** zul has quit IRC14:29
Ryan_Lanevanchester: none of that schema is custom14:29
*** jongleur has quit IRC14:29
*** esm has joined #openstack14:29
*** chuck_ has quit IRC14:29
*** esm is now known as Guest7468414:29
Ryan_LaneorganizationalRole, roleOccupant, groupOfNames and inetOrgPerson are all standard schemas14:29
*** AlanClark has joined #openstack14:30
Ryan_Laneagain, AD may not include that schema....14:30
Ryan_LaneI know for sure it does include groupOfNames and inetOrgPerson14:30
Ryan_LaneI'd be very surprised if inetOrgPerson wasn't already an objectclass on your user entries14:31
vanchesterRyan_Lane, ok, but AD AFAIK uses this schemas for something different14:31
Ryan_Lanefor groups, AD uses its own schema14:31
vanchesteryeah14:31
Ryan_Lanebut that doesn't mean you can't use groupOfNames14:31
Ryan_Laneseems OrganizationalRole is also included in AD: http://msdn.microsoft.com/en-us/library/windows/desktop/ms683885%28v=vs.85%29.aspx14:32
vanchesteri'm confused by all of that...14:32
*** drewlander has quit IRC14:32
*** AlanClark has quit IRC14:33
Ryan_Lanehttp://msdn.microsoft.com/en-us/library/cc221556%28v=prot.10%29.aspx14:33
Ryan_Lane^ there's groupOfNames14:33
uvirtbotRyan_Lane: Error: "there's" is not a valid command.14:33
*** jackh has quit IRC14:33
Ryan_Laneit's kind of sad that keystone hardcodes the attributes and objectclasses, though14:35
Ryan_Lanebecause it would be ideal for AD users to use the group objectclass, rather than groupOfNames14:35
Ryan_Lanethough it's probably a good idea to use organizationalRole14:35
*** zul has joined #openstack14:35
vanchesterRyan_Lane, well thank you for advices and feedback. I'm really didn't thought about and understand that stuff)14:38
Ryan_Lanewell, I'm basically just saying that keystone will work perfectly fine14:38
Ryan_Lanewith AD14:38
Ryan_Lanebased on the current design14:39
*** rnorwood has joined #openstack14:39
*** jcannava has joined #openstack14:39
*** koolhead11 has quit IRC14:41
*** shang has quit IRC14:41
*** robbiew has joined #openstack14:41
*** paulmillar_ has quit IRC14:42
*** paulmillar has joined #openstack14:42
trapniwhat is noVNC meaning by "Invalid Token"?14:45
*** shang has joined #openstack14:45
*** littleidea has joined #openstack14:52
*** asavu has quit IRC14:53
*** blamar has joined #openstack14:53
*** datsun180b has joined #openstack14:56
*** KavanS has joined #openstack14:58
*** bencherian has joined #openstack14:58
*** sstent has quit IRC15:00
*** sleepson- has quit IRC15:00
*** littleidea has quit IRC15:00
*** sleepson- has joined #openstack15:00
*** sstent has joined #openstack15:01
*** reidrac has quit IRC15:01
*** cryptographrix has quit IRC15:01
*** cryptographrix has joined #openstack15:02
*** alexn6 has left #openstack15:02
*** Triade1 has quit IRC15:03
vanchesterdolphm_, is token_auth a mdware for inserting to service's pipeline or into keystone pipeline? :)15:03
*** hunglin has joined #openstack15:04
*** dubsquared has quit IRC15:04
*** rnirmal has joined #openstack15:05
*** Glace has quit IRC15:05
uvirtbotNew bug: #1015613 in glance "Test output polluted with debug logging" [Undecided,In progress] https://launchpad.net/bugs/101561315:05
alex88from dashboard i can't get users and project, what could be the problem?15:06
alex88from logs i cannot see any request to api15:06
*** anderstj has joined #openstack15:07
*** cgrage has joined #openstack15:08
*** anderstj has quit IRC15:08
*** vachon has joined #openstack15:09
*** shaon has quit IRC15:09
vachonanyone have a quick way to get a S3 AMI into glance?15:09
dolphm_vanchester: keystone.middleware.core.TokenAuthMiddleware (token_auth) runs in keystone's pipeline; keystone.middleware.auth_token.AuthProtocol (auth_token) protects other services and talks remotely to keystone15:09
*** blamar has quit IRC15:09
alex88vachon, i usually download ubuntu ec2 images and add those15:10
vachoni have prebuilt ones i need15:10
vachonthey are chunked too15:10
*** freeflyi1g has joined #openstack15:11
*** mattray has joined #openstack15:11
*** dachary has quit IRC15:12
*** jedi4ever has joined #openstack15:12
*** tty has quit IRC15:13
vachonof course s3 chunked ones are encrypted…. awesome, screw it, new squeeze isos for now15:13
*** kbringard has joined #openstack15:13
*** freeflying has quit IRC15:14
*** dwcramer has joined #openstack15:15
*** c0t0d0s0 has quit IRC15:15
*** dachary has joined #openstack15:17
*** Glace has joined #openstack15:18
*** shang has quit IRC15:19
*** dachary has quit IRC15:21
*** dachary has joined #openstack15:21
*** dachary has quit IRC15:21
*** ohad_ has joined #openstack15:23
*** dachary has joined #openstack15:23
noobi found my error15:23
noobBadRequest: Unable to communicate with identity service: [Errno 110] Connection timed out. (HTTP 400)15:23
*** blamar has joined #openstack15:23
noobwhen i click on anyhting in the project panel i get that15:24
*** heckj has joined #openstack15:25
*** rwmjones_afk is now known as rwmjones15:25
*** ohad has quit IRC15:26
noobthis has to do with keystone i think15:26
*** dachary has quit IRC15:27
*** nethope has left #openstack15:30
*** dubsquared has joined #openstack15:30
*** nmistry has joined #openstack15:31
vanchesterdolphm_, thank you. The question was about second one.15:33
*** uksysadmin has quit IRC15:34
*** Protux has joined #openstack15:34
*** davepigott_ has quit IRC15:35
uvirtbotNew bug: #1015629 in openstack-ci "gmail not accepting connections from stackforge gerrit" [Undecided,New] https://launchpad.net/bugs/101562915:36
*** asavu has joined #openstack15:36
*** shang has joined #openstack15:36
noobwhen the horizon dashboard says Could not retrieve tenant list is that something i should configure in keystone?15:37
*** mrjazzcat has joined #openstack15:38
noobi'm not sure what horizong is using to connect with15:38
*** maoy has joined #openstack15:38
*** shang has quit IRC15:40
*** dcramer_ has joined #openstack15:42
uvirtbotNew bug: #1015638 in nova "JSON returned by nova not conform to docs" [Undecided,New] https://launchpad.net/bugs/101563815:45
*** dwcramer has quit IRC15:46
*** NashTrash has quit IRC15:47
*** joearnold has joined #openstack15:49
*** shang has joined #openstack15:50
*** arBmind has quit IRC15:50
*** shang has quit IRC15:51
*** arBmind has joined #openstack15:51
*** jkelly has joined #openstack15:51
*** trevman2001 has joined #openstack15:52
*** zul has quit IRC15:52
*** dubsquared has quit IRC15:53
*** whenry has quit IRC15:54
*** jkelly has left #openstack15:54
*** taupen has quit IRC15:54
*** osier has quit IRC15:54
*** ramjett has joined #openstack15:57
*** littleidea has joined #openstack15:58
*** ramjett has left #openstack15:59
*** nmistry has quit IRC16:00
*** littleidea has quit IRC16:01
uvirtbotNew bug: #1015650 in openstack-ci "pypi mirror not used in all cases" [High,Triaged] https://launchpad.net/bugs/101565016:01
*** whenry has joined #openstack16:01
*** vitiho_ has quit IRC16:02
*** ejat has joined #openstack16:04
*** ejat has quit IRC16:04
*** ejat has joined #openstack16:04
*** dcramer_ has quit IRC16:05
*** Leseb has quit IRC16:05
*** nmistry has joined #openstack16:06
*** dubsquared has joined #openstack16:07
*** ahasenack has quit IRC16:07
*** lloydde has joined #openstack16:09
*** bencherian has quit IRC16:09
*** leifmadsen has quit IRC16:09
*** sstent has quit IRC16:15
*** ahasenack has joined #openstack16:17
*** garyk has quit IRC16:17
*** andutros has joined #openstack16:18
*** nacx has quit IRC16:19
*** taupen has joined #openstack16:20
*** immotus_ has joined #openstack16:20
*** shaon has joined #openstack16:21
*** vitiho has joined #openstack16:21
*** nati_ueno has joined #openstack16:21
*** paulmillar has quit IRC16:21
*** s0mik has joined #openstack16:22
derchrishi there. i was wondering if anyone can recommend a hoster which i can use to try and play around with openstack?16:25
derchrisor better said, what does a hoster need to provide in order to run a openstack environment16:25
*** Glace has quit IRC16:28
vachontechnically you can run it anywhere under qemu16:28
vachonit just will suck16:28
*** zul has joined #openstack16:28
*** dneary has joined #openstack16:28
dnearyHi all16:29
dnearyI'm a little confused16:29
vachonderchris: what are you trying to test16:29
*** metral has joined #openstack16:29
dnearyWhat is the relationship between OpenStack Compute/Storage/Networking/Identity/Dashboard and Swift/Quantum/Nova/Glance/Keystone?16:30
dnearyAre the latter codenames for the former? I find theml in URLs and code projects, but not on the opnestack.org/projects page16:30
vachon compute = nova, storage = swift, networking = quantum, identity = keystone, dashboard = horizon16:30
notmynamecompute = nova, object storage = swift, networking = quantum, identity = keystone, dashboard = horizon16:30
dolphm_image storage = glance16:31
notmynamemarketing names vs. code project names16:31
immotus_dneary: this doc has been helping me with those questions... http://docs.openstack.org/essex/openstack-compute/admin/content/conceptual-architecture.html16:31
*** reed has quit IRC16:31
derchrisvachon, i would like to install a whole openstack environment, which can be reached over the internet. but from what i know so far, there are certain hw/sw requirments16:31
vachonyou could run devstack on any VPC16:32
dnearyimmotus: Thanks!16:32
vachonit will run gemu and be slow16:32
vachonvery very slow16:32
vachonif it works16:32
vachon*qemu16:32
vachonyou are better off just using virtual box and doing stuff in there16:32
*** salgado is now known as salgado-lunch16:33
abniyidoes any one know documentation for install openstack on a system with single nic16:34
immotus_dneary: np.  I'm very new to OpenStack myself, but the docs seem to be pretty well written16:34
derchrisi should have the hw power, just not aware of any special requirments. like i can have vlan support for more then 2 servers, but do i need it?16:34
dnearySo Horizon == Dashboard, Nova == Compute, Glance + Swift == Storage, Keystone == Identity?16:34
vachonSwift is object storage16:35
vachonglance is image storage16:35
dnearyOK16:35
notmynamedneary: glance provides a bridge between nova and swift16:35
vachonswift CAN back glance, but its not a prerequisite16:35
dnearyvachon, So as they relate to "OpenStack Storage"...16:35
vachonyea16:35
*** ejat has quit IRC16:35
derchrisso if i have 2 servers with 2 nics, one external with internet ip, and the other one connected to a vlan for internal communication. that should work. if i use one as storage, and the for compute?16:37
*** NashTrash has joined #openstack16:37
*** anderstj has joined #openstack16:37
vachonnot really16:37
vachonthe switch needs to support vlan trunking and passthrough16:38
*** dwcramer has joined #openstack16:38
*** somik has joined #openstack16:39
derchrisit sounds like i would have to look into co-location16:39
vachonit "has" been done on ec216:39
vachonvmware workstation handles it like a champ16:40
*** alekibango has quit IRC16:40
*** s0mik has quit IRC16:40
*** somik is now known as s0mik16:40
vachondepends your spend and how deep down the rabbit hole you want to go for testing16:40
derchristhe result should be a running cloud environment, where i and a few friends can go an create os instances for testing16:41
*** asavu has quit IRC16:41
*** rpawlik has joined #openstack16:41
vachonwell, yea, dedicated boxes or colo are your best bet imho16:42
vachonbut thats a bit of change16:42
vachonif you have nice INET at your house, you can run it on a couple of old beater desktops16:42
*** Glace has joined #openstack16:42
derchrisas i said, i have one who offers vlan support16:42
vachonthen go for it, i can tell you it takes quite a while to get everything great.  I bought a big cluster, still doing setup/re-setup/re-re-setup16:43
vachonbefore i send it to a colo16:43
vanchesterdolphm_, i sorry for strange question (there is all in the docs) but why do we need token_auth middleware (from token_auth.py)?16:44
derchrisits ok if it takes a while, just wanted to make sure it will run it16:44
vanchesterdolphm_, ain't keystone by itself manages all actions about tokens?16:44
dolphm_vanchester: where are you seeing "token_auth.py"?16:45
derchrisi know, ideally you should have each service running on its own host. but can i group some of them together?16:45
*** alekibango has joined #openstack16:45
dolphm_derchris: absolutely16:45
vanchesterdolphm_, auth_token.py16:45
vachonderchris: i run a ton on one for testing things16:46
dolphm_vanchester: do you want any authentication in front of your openstack services?16:46
derchrissounds like i would be ok to get a single server for now then16:46
*** garyk has joined #openstack16:47
derchrisand have all running on the same host?16:47
dolphm_vanchester: if not, remove auth_token from your pipeline and forge requests as you please16:47
vachonswift might be cranky16:47
vachonits however, optional16:47
vachonso yes, i would start there, then vlan'ing isn't as super critical16:47
*** warik has joined #openstack16:47
*** e1mer has quit IRC16:48
derchriscool, might do that then16:48
*** tty has joined #openstack16:48
vanchesterdolphm_, but why docs says us to insert also keystone middleware? http://docs.openstack.org/developer/keystone/configuringservices.html#configuring-swift-to-use-keystone16:48
*** littleidea has joined #openstack16:48
derchrisand hopefully, adding new services should be easy enough16:48
*** littleidea_ has joined #openstack16:48
dolphm_vanchester: because most people prefer to secure their swift deployment16:49
vanchesterah, yeah, this one is only for swift16:49
*** g has joined #openstack16:49
vanchesterso i need to look what does it doing16:49
*** g is now known as Guest3683116:49
*** littleidea has quit IRC16:52
*** littleidea_ is now known as littleidea16:52
*** pixelbeat has quit IRC16:53
*** immotus_ has quit IRC16:53
*** jog0 has joined #openstack16:53
*** nmistry has quit IRC16:54
*** leifmadsen has joined #openstack16:54
*** joesavak has quit IRC16:55
uvirtbotNew bug: #1015685 in glance "Consistent logger instantiation" [Wishlist,In progress] https://launchpad.net/bugs/101568516:55
*** jog0 has left #openstack16:58
*** littleidea has quit IRC16:58
*** Leseb has joined #openstack16:59
noobdoes anyone know how to get quantum to show up on the dashboard?17:01
*** GheRivero_ has joined #openstack17:03
*** r0tha has joined #openstack17:03
*** zinjacoder has quit IRC17:05
vanchesterdolphm_, yeah, now i understand that middleware and backends are different things. Middleware are used by services - thats what i didn't even thought about :)17:08
*** metral_ has joined #openstack17:08
vanchesterdolphm_, thx for your patient explanation17:08
*** zinjacoder has joined #openstack17:09
*** metral has quit IRC17:09
*** metral_ is now known as metral17:09
*** zinjacoder has quit IRC17:09
*** vachon has left #openstack17:10
*** marrusl has quit IRC17:10
*** ccustine has joined #openstack17:12
*** marrusl has joined #openstack17:13
*** koolhead17|afk has joined #openstack17:14
*** dachary has joined #openstack17:15
*** darraghb has quit IRC17:17
*** dachary has quit IRC17:18
*** jfluhmann has joined #openstack17:18
*** jplewi has joined #openstack17:19
*** natea has quit IRC17:19
*** primozf has quit IRC17:19
*** natea has joined #openstack17:19
uvirtbotNew bug: #1015702 in horizon "Lazy tab loading overwrites query params" [Medium,In progress] https://launchpad.net/bugs/101570217:20
*** notze has quit IRC17:21
*** keruspe has quit IRC17:21
*** nphase has joined #openstack17:21
*** koolhead17|afk is now known as koolhead1717:22
*** salgado-lunch is now known as salgado17:24
*** Leseb has quit IRC17:26
*** notze has joined #openstack17:30
uvirtbotNew bug: #1015705 in devstack "devstack won't install with http_proxy set" [Undecided,New] https://launchpad.net/bugs/101570517:31
*** arBmind has quit IRC17:31
*** notze_ has joined #openstack17:34
*** notze has quit IRC17:35
*** Ryan_Lane has quit IRC17:35
*** notze has joined #openstack17:37
*** Guest74684 has quit IRC17:37
*** vanchester has quit IRC17:38
*** notze_ has quit IRC17:39
*** noob has quit IRC17:41
*** shang has joined #openstack17:42
*** dpippenger has joined #openstack17:44
*** mszilagyi has joined #openstack17:45
*** reed has joined #openstack17:46
*** zul has quit IRC17:46
*** taupen has quit IRC17:46
*** zul has joined #openstack17:52
*** GheRivero_ has quit IRC17:53
*** matwood has quit IRC17:53
*** jedi4ever has quit IRC17:54
*** sstent has joined #openstack17:55
*** matwood has joined #openstack17:55
*** notze has quit IRC17:56
*** pnavarro has joined #openstack17:57
*** hunglin has quit IRC17:58
*** Dr_Who has joined #openstack18:03
*** Dr_Who has joined #openstack18:03
*** Dr_Who has quit IRC18:04
*** erikzaadi has quit IRC18:04
*** shang has quit IRC18:07
*** shang has joined #openstack18:08
*** realnorth has joined #openstack18:08
*** dhellmann has quit IRC18:10
realnorthanyone have experience putting glance on its own separate node?18:10
uvirtbotNew bug: #1015731 in nova "resize leave leftover libvirt configs" [Undecided,New] https://launchpad.net/bugs/101573118:11
*** dhellmann has joined #openstack18:11
*** hunglin has joined #openstack18:13
*** metral has quit IRC18:14
*** metral has joined #openstack18:14
*** NashTrash has quit IRC18:16
*** Guest44656 has quit IRC18:16
*** dubsquared has quit IRC18:19
*** avoine has joined #openstack18:20
*** NashTrash has joined #openstack18:20
NashTrashHello Stackers!18:22
NashTrashDoes anyone have swift + keystone + s3 working that could help me?18:22
NashTrashI get " WARNING:keystone.middleware.auth_token:Unable to find authentication token in header" in the proxy-server logs.18:23
*** leifmadsen has quit IRC18:23
*** dubsquared has joined #openstack18:24
*** warik has left #openstack18:25
dolphm_NashTrash: are you using delay_auth_decision = 1?18:26
NashTrashdolphm_: Yes18:27
*** marrusl_ has joined #openstack18:27
dolphm_NashTrash: and the s3token middleware is in front of authtoken?18:27
NashTrashdolphm_: here is my pipeline — pipeline = catch_errors healthcheck cache swift3 s3token authtoken keystone proxy-server18:27
*** ea1het has joined #openstack18:28
NashTrashdolphm_: And the relevant proxy-server.conf info — http://paste.openstack.org/show/18663/18:28
dolphm_NashTrash: well, with delay_auth_decision = 1, that warning is *only* a warning -- is the request in question still being rejected as unauthorized?18:28
*** marrusl has quit IRC18:28
NashTrashdolphm_: Yes.  The client (CyberDuck) can not connect.18:29
*** dendro-afk is now known as dendrobates18:30
*** Glace has quit IRC18:31
*** wiliam has quit IRC18:34
*** littleidea has joined #openstack18:35
*** realnorth has quit IRC18:37
*** abniyi has quit IRC18:37
*** realnorth has joined #openstack18:38
*** wiliam has joined #openstack18:41
*** joesavak has joined #openstack18:43
*** eglynn__ has quit IRC18:44
*** eglynn has joined #openstack18:44
*** Free_maN has quit IRC18:48
realnorthanyone setup glance and swift on their own server before?18:49
realnorthcan't get Glance to connect to the conrtol node18:49
*** Glace has joined #openstack18:49
*** jog0 has joined #openstack18:49
*** jog0 has quit IRC18:50
*** jog0 has joined #openstack18:50
*** nmistry has joined #openstack18:51
*** Glace has quit IRC18:51
*** Glace has joined #openstack18:53
*** epim has joined #openstack18:54
*** nati_ueno has quit IRC18:55
*** never2far has quit IRC18:55
sniperdrealnorth: not glance, just swift18:55
NashTrashdolphm_: Figured it out.  I had to add the s3_extension to Keystone.18:55
realnorthoh I'm trying to get Glance on its own node and can't seem to get them to connect18:56
realnorthhttp://serverfault.com/questions/391449/openstack-multiple-nodes-separate-glance-and-keystone-machines18:56
realnorthsimilar to that18:56
NashTrashdolphm_: Now my admin user can connect just fine, but my user with role=memberRole gets a 40318:56
*** ea1het has quit IRC18:56
realnorthI added the two python libraries18:56
*** dendrobates is now known as dendro-afk18:57
*** albert23 has joined #openstack18:58
*** leifmadsen has joined #openstack18:58
realnorthhttp://pastebin.com/zFdHCWiZ that's a link to my log info from the last time I ran it18:59
realnorthjust did /etc/init.d/glance-registry restart18:59
realnorthand it prints that into the thing18:59
realnorththe upstart log just says connection closed18:59
*** notze has joined #openstack19:00
*** optiz0r has joined #openstack19:03
*** optiz0r_ has quit IRC19:04
*** notze has quit IRC19:05
realnorthanyone have any ideas?19:06
sniperdrealnorth: sorry, I have no idea on glance, if it was a swift issue I might be able to help19:07
realnorthI understand19:07
*** clopez has quit IRC19:13
*** koolhead17 has quit IRC19:16
*** DavidLevin has quit IRC19:17
*** DavidLevin has joined #openstack19:20
*** omenar has joined #openstack19:21
omenarhello :D19:21
*** s34n has joined #openstack19:22
*** lts has quit IRC19:23
omenarI've got a question: Is possible to add a compute-node to the cloud which is not in the same network that the cloud-controller?19:23
*** ttrifonov is now known as ttrifonov_zZzz19:23
omenarfor example... the cloud-controller and 2 compute-nodes are in the 10.10.14.x subnet and the other nodes are in the 10.10.21.x subnet...19:24
omenarI've been thinking that this could be problematic...19:25
zynzelthis depends on nova-network not nova-compute.19:26
zynzelif nova-compute could connect to rabbit&&mysql it will work.19:27
omenarreally? and the bridge?19:27
zynzelomenar: and the bridge is menaged by nova-network ;P19:27
zynzelin many cases* :)19:27
omenaruhm, I understand... so... I don't need to do anything special for this?19:28
zynzelomenar: you dont understand, this depends on your architecture19:29
zynzelwhere nova-network is running19:29
zynzelwhat network manager is used19:29
zynzelwhat is 10.10.14.x? float? fixed? mgmt?19:30
zynzeland bazylion other options.19:30
omenarnova-network is running with the cloud controller...19:30
zynzelnobody know yours env, so nobody can help you19:30
zynzelwithout more info.19:30
omenarand... 10.10.14.21 are the float ips19:30
omenarthe fixed ips are like 192.168.22.x19:30
omenarwhich are bridged by all the compute-nodes19:30
omenar10.10.14.x* sorry19:31
*** swift-india has joined #openstack19:31
zynzelomenar: if you have one nova-network service19:31
omenaraham,19:31
zynzelso only cloud controler can be in 10.10.14.x19:31
zynzelnot compute nodes.19:31
*** epim has quit IRC19:31
omenarwhy? =S19:31
omenar(I'm very new to openstack... sorry =( )19:32
zynzelomenar: and for what compute node use 10.10.14.x? ;)19:32
zynzelomenar: no problem, maybe i can clear you some openstack hacks :)19:32
omenarlet see... I have three machines...19:33
omenar10.10.14.21 is running nova-api, nova-network, nova-compute, nova-volume, etc...19:33
omenar10.10.14.22 is running only nova-compute19:33
omenarand 10.10.14.23 is also running only nova-compute19:33
*** Guest36831 has quit IRC19:33
*** dwcramer has quit IRC19:34
omenar(10.10.14.21 is also running mysql, rabbitmq, keystone and glance)19:34
*** realnorth has quit IRC19:35
zynzelomenar: so, if you have another compute-node with address 10.10.21.10 (for example)19:35
omenarthat's right19:35
*** alex88 has quit IRC19:35
zynzelit will works until you have routing between 10.10.14.x and 10.10.21.x19:35
zynzelso 21.10 can connect to 14.2119:35
omenarthat's interesting...19:35
*** dneary has quit IRC19:36
omenarand, what about the VMs?19:36
zynzeland 21.10 have acess to 192.168.22.x (vlan?)19:36
zynzelnot exacly 21.10 but vms running on 21.10 :)19:36
omenarnope, flatmanager =/... I made a bad choice?19:36
zynzelomenar: so 192.168.22 is on other interface?19:37
zynzelis alias on 10.10.14.x interface?19:37
omenaris an alias... exactly19:37
omenareth0:119:37
*** jedi4ever has joined #openstack19:37
*** asavu has joined #openstack19:38
zynzelomenar: so its depends on your network infrastructure19:38
zynzelsimply test it :)19:38
zynzelrun server with address 10.10.21.10 && alias 192.168.22.X19:38
zynzeland check if you have access to 192.168.22.0/24 network19:38
zynzelif yes, great you are done.19:39
omenarFlatManager is recommended in this situation? :S19:39
*** rkukura has quit IRC19:39
zynzelomenar: best solution is quantum (but this is not very stable in essex as i know)19:39
zynzelwe use flatdhcp+few changes19:40
omenarfew changes sounds like dark magic...19:40
omenarhehehe19:40
zynzelomenar: bond+vlan on system level19:40
zynzel+few changes in nova code for availability zones :)19:40
*** robbiew has quit IRC19:41
*** joesavak has quit IRC19:41
*** larsks has joined #openstack19:41
omenaranyway... I will try tomorrow this setup (in 5 minutes the lab will be close)... thanks for your help and patience!!!19:41
*** dolphm_ has quit IRC19:42
omenarI have a little question... related to availability zones...19:42
zynzelomenar: ?:)19:42
omenarEssex is "availability zones" capable?19:42
zynzelnot really19:42
zynzelthere are a few fail in code19:43
zynzelbut mostly it works :)19:43
*** never2far has joined #openstack19:43
zynzel95% of code is done19:43
omenarin Essex? that's weird... I've been reading that was removed and that will be back in Folsom :S19:43
zynzelomenar: zones was removed19:44
zynzelnot availability zones :)19:44
omenarwhat's the difference? :S19:44
zynzelgood question :D19:44
zynzelzone is logical separation/connection of services19:45
*** notze has joined #openstack19:45
*** dendro-afk is now known as dendrobates19:45
zynzelzone have parent, and if any request goes to parent it will be transfered to chilldren19:46
zynzel(imo, dont read about this too much)19:46
omenarand availability zones is only related to nova-compute and scheduling of instances?19:46
zynzelin folsom, zones should be renamed to 'ceils'19:46
zynzelomenar: exacly, also to nova-volume19:47
zynzeland in my env also to nova-network ;)19:47
omenarI see...19:47
omenarYou are using the diablo release?19:47
zynzelomenar: 2rc before essex19:48
omenarthat release is "availability zones" capable?19:48
zynzelomenar: as i say, mostly :)19:49
omenar(I'm doing a work for my university related with geographically distributed computing... that is why I'm interested in Openstack and availability zones...)19:49
*** heckj has quit IRC19:49
*** notze_ has joined #openstack19:50
*** notze has quit IRC19:50
larsksThis duplicates a question I posted to the list, but I thought I'd try my luck here: In a FlatDHCP networking world, how are instances supposed to contact the metadata server? The iptables rules set up by nova-network skip SNAT for access to the metadata server, and this is causing routing issues for us.19:50
*** robbiew has joined #openstack19:50
omenarzynzel: anyway... got to go... thank you very very very much!19:50
*** zigo has quit IRC19:50
zynzelomenar: no problem.19:50
omenaromenar: have a nice day :)19:51
zynzellarsks: mabe install nova-api-metadata on compute-node?19:51
omenaromenar: or night... hahaha19:51
*** swift-india has quit IRC19:51
zynzelomenar: you too19:51
zynzel:)19:51
*** omenar has quit IRC19:51
Diopterlarsks: Are you not running metadata directly on your compute nodes? It sounds like you're trying to route the 169.254.0.0/16 IP space, which is somewhat difficult to do.19:51
*** swift-india has joined #openstack19:51
larsksOn *each* compute node?  I guess I'm not clear exactly where the metadata service is supposed to be located.19:51
Diopterlarsks: On each, yes.19:51
larsksAh, got it.  We have it running on our controller right now along with nova-api.19:51
zynzellarsks: in large deployment you should have nova-api-metadata on every compute-node19:51
zynzelit is slow, so if you have 1, 2 or 3 metadata-api only they will die ;)19:52
Diopterlarsks: 169.254/16 is the APIPA range (IPv4 link-local) and is treated specially in *n?x and other RFC compliant systems when it comes to routing.19:52
zynzellarsks: also if you use smth before essex, check for patches :)19:52
larsksThanks for the suggestions.  I'll give it a shot and see how it works out.19:52
larsksDiopter: We're not trying to route the 169.254.169.254 address; SNAT on the host rewrites that before packets hit the network.19:53
larsksWe're running Essex right now.19:53
Diopterlarsks: Maybe, maybe not. Depends on if your VIFs are bridged. Bridged interfaces enter the netfilter hooks (such as the NAT table's POSTROUTING chain) differently than non-bridged interfaces19:54
*** robbiew has joined #openstack19:54
larsksDiopter: I promise, we're not :).  But thanks for the suggestion.19:54
Diopterlarsks: I'm just pointing out that relying on being able to route/NAT 169.254 is difficult at best :)19:54
*** pretec has joined #openstack19:55
larsksWith the packaging for Fedora/CentOS, openstack-nova-metadata-api can be started separately...but it looks like nova-api will *also* start the metadata service if it's not otherwise running.  Is this expected behavior?19:55
*** dachary has joined #openstack19:58
*** rnorwood has quit IRC19:58
*** notze_ has quit IRC19:59
*** Glace has quit IRC20:01
larsksArgh.  So, with the metadata api service on the compute host, it assigns 169.254.169.254 to a local interface, rather than using an SNAT rule...so access works fine on port 8775, but now we've lost the magic that redirects access to port 80 at 169.254.169.254 to port 8775 (which some of the existing VM images out there seem to rely on).  How are people dealing with this?20:02
*** mutex has left #openstack20:02
*** Glace has joined #openstack20:02
*** rkukura has joined #openstack20:02
larsksI guess I can set up a simple tcp proxy...20:02
larsks...or iptables -t nat -I PREROUTING 1 -d 169.254.169.254 -p tcp --dport 80 -j REDIRECT --to-ports 8775 works.  Now to figure out why nova-network doesn't add this automatically...20:04
*** Leseb has joined #openstack20:04
*** Leseb has quit IRC20:05
*** jaustinpage has joined #openstack20:05
*** japage has quit IRC20:05
uvirtbotNew bug: #1015773 in openstack-manuals "Need -1 instead of one for compute_fill_first_cost_fn_weight=1.0" [Undecided,New] https://launchpad.net/bugs/101577320:06
*** Leseb has joined #openstack20:06
*** Leseb has quit IRC20:07
*** dendrobates is now known as dendro-afk20:07
*** Leseb has joined #openstack20:07
*** dwcramer has joined #openstack20:07
*** matwood is now known as matwood-lunch20:07
*** dubsquared has quit IRC20:09
*** dendro-afk is now known as dendrobates20:09
*** datsun180b_ has joined #openstack20:10
*** rmartinelli has quit IRC20:11
*** datsun180b has quit IRC20:14
*** datsun180b_ is now known as datsun180b20:14
*** dolphm has joined #openstack20:15
*** sdake has quit IRC20:15
*** sdake has joined #openstack20:15
*** sdake has quit IRC20:16
*** sdake has joined #openstack20:16
*** wiliam has quit IRC20:16
*** johnpostlethwait has joined #openstack20:16
*** Ryan_Lane has joined #openstack20:18
s34nI'm trying to throw together some minimum hardware to start playing with openstack. Do the servers need to be VT-enabled?20:19
*** DavidLevin has left #openstack20:20
*** dubsquared has joined #openstack20:23
*** jcannava has left #openstack20:24
*** DavidLevin has joined #openstack20:24
annegentles34n: for LXC, no, see http://docs.openstack.org/trunk/openstack-compute/install/content/compute-system-requirements.html20:25
larsksHmm, linux_net.py is creating a DNAT rule that doesn't work.  Replacing it with a REDIRECT rule works correctly.20:27
Diopterlarsks: Elaborate?20:28
larskslinux_net.py creates: -A nova-network-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:877520:28
larsksThis clearly matches packets, but they never making this to the metadata service.20:29
larsksReplacing this rule with: -A nova-network-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 877520:29
larsks...everything works.20:29
larsksI'm not sure that DNAT is meant to work with traffic that is both sourced and consumed on the same host...20:29
Diopterlarsks: REDIRECT's purpose is to change the destination IP to the primary on the incoming interface, which ostensibly should be lo, and the primary should be 127.0.0.120:30
Diopterlarsks: So... what does your loopback look like? :P20:30
DiopterAn "ip a" would probably be handy20:31
larsks'ip addr show dev lo' yields:20:31
larsks1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN20:31
*** Ryan_Lane has quit IRC20:31
larsks    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:0020:31
larsks    inet 127.0.0.1/8 scope host lo20:31
larsks    inet 169.254.169.254/32 scope link lo20:31
*** cgrage has left #openstack20:31
*** datsun180b has quit IRC20:31
*** datsun180b has joined #openstack20:31
DiopterWell that's certainly interesting that your DNAT doesn't seem to work while your REDIRECT does, since they should have the exact same effect in this case.20:31
larsksYeah.  The iptables documentation isn't explicit as to whether or not DNAT should work in this case...but I presume other folks have had success with this rule.  So I'm puzzled.20:33
Diopterlarsks: It definitely does, and should. The only potential snafu with NAT behavior involves bridges, but that would affect any rule in the NAT table chains the same, whether DNAT or REDIRECT20:34
*** Trixboxer has quit IRC20:34
*** zul has quit IRC20:35
larsksHmm.  I will stare at it a bit more before throwing up my hands :).20:35
Diopterlarsks: Maybe it'd help if you pastebin'd some network info. "ip a; ip r; iptable-save; netstat -lntp" sort of thing20:36
DiopterMight be something subtle.20:37
DiopterMaybe add in ip rule for funsies20:37
Diopterbrctl show...20:37
*** dwcramer has quit IRC20:38
larsksHere's a start: https://gist.github.com/296208720:41
*** epim has joined #openstack20:42
*** dprince has quit IRC20:42
larsksThe output of `ip addr show` has been filtered to only include interfaces with ipv4 addresses (because there are a lot of them, otherwise).20:42
*** dieterdemeyer has quit IRC20:42
*** Glace has quit IRC20:42
*** arBmind has joined #openstack20:42
Diopterlarsks: I see. And you're not still getting hits on the DNAT rule?20:43
larsksOh, it's clearly getting *hit* (the packet and byte count increases).  The packets simply never reach the metadata service.20:45
BLZbubbaif i want to prepare a compute node for a reboot, is there an easy way to move all of its vm's to another compute node?20:45
Diopterlarsks: I mean now that you have the REDIRECT above it.20:45
larsksRight, the REDIRECT modifies the packet so that it no longer matches the destination in the DNAT rule.20:46
Diopterlarsks: Ostensibly, if the redirection was occurring to 127.0.0.1, the -d criteria of the following dnat rule wouldn't match anymore, and it should stop getting hit20:46
*** dieterdemeyer has joined #openstack20:47
Diopterlarsks: So I'm testing the assumption concerning what it's redirecting to by asking the question ;P20:47
larsksI can confirm that with both rules in place, the DNAT rule is never hit.20:47
*** cooper has quit IRC20:48
DiopterVery interesting.20:48
*** lborda has quit IRC20:49
DiopterLooks like you're on Fedora/RHEL, based on the em# interface naming20:50
larsksCentOS 6.2.20:50
*** stuntmachine has quit IRC20:50
*** KavanS has quit IRC20:51
*** lborda has joined #openstack20:52
*** immotus_ has joined #openstack20:52
*** Leseb has quit IRC20:52
Diopterlarsks: Hrm. One thing I see as being a little different is that my "-A nova-network-snat -s <fixed range> -j SNAT --to-source ..." rule has 127.0.0.1 as the to-source.20:54
Diopterlarsks: Which is pulled out of the nova-postrouting-bottom, as the fallback.20:54
DiopterI wonder if that source is assisting in the packet matching the conntrack entry to reverse the DNAT on response packets20:55
DiopterWhereas the redirect isn't relying on conntrack and just pretending like it got the packet on 127.0.0.1 in the first place.20:55
larsksLet's see what happens if I modify the rule...20:56
*** jedi4ever has quit IRC20:58
larsksI don't think the SNAT rules are even being hit, since the packets are never leaving the system.20:58
larsksYeah, the packet count doesn't increase, even for successful access to 169.254.169.254:8775.20:58
DiopterMm. Odd.20:59
zynzelanyone from germany? :D21:00
chrisgI used to live in Frankfurt21:01
chrisg:p21:01
chrisgich war ein hessischer21:02
chrisgaber ich bin wirklich ein englander21:02
chrisg;p21:02
zykes-easy now21:02
zykes-keep it english :p21:02
chrisg:D21:02
zynzeli want to buy car from berlin ;D21:02
*** steveb_ has joined #openstack21:02
zynzelbut dont have idea how this works :)21:03
*** ttrifonov_zZzz is now known as ttrifonov21:03
chrisgexporting from germany to another country?21:03
zynzelcreiht: yeah21:03
chrisgi've no idea, i hired cars when i lived over there21:04
chrisgand dont own a car now im back in the uk21:04
chrisgno point, as i'm a londoner21:04
chrisgyoull need to check with your driver registration people, in the uk youd ask the dvla about it21:05
chrisgthey'd give you information about paying import taxes and registering the car with them21:05
notmynamezynzel: pandemicsyn may be able to give you some info21:05
*** swift-india has quit IRC21:06
* zynzel may deploy openstack cluster for a car!21:06
zynzel:)21:06
*** ttrifonov is now known as ttrifonov_zZzz21:07
*** asavu has quit IRC21:08
*** rnorwood has joined #openstack21:09
*** lazyshot has quit IRC21:10
*** sieutruc has joined #openstack21:13
*** tmichael has quit IRC21:13
*** esm has joined #openstack21:18
*** esm is now known as Guest5884321:18
*** salgado is now known as salgado-afk21:20
*** kbringard has quit IRC21:20
*** avtar has joined #openstack21:21
*** pnavarro has quit IRC21:23
larsksPatched linux_net.py to use a REDIRECT rule if metadata_host is 127.0.0.1.  It's not pretty but it works.  Time to head home...21:25
*** jedi4ever has joined #openstack21:25
*** mutex has joined #openstack21:26
*** h0cin has quit IRC21:26
*** matwood-lunch is now known as matwood21:27
*** epim has quit IRC21:27
*** markvoelker has quit IRC21:28
Diopterlarsks: Might want to submit a bug on it + your patch21:28
*** dolphm has quit IRC21:29
*** KavanS has joined #openstack21:29
larsksYeah.  I'm hoping to see some opinions on the mailing list before going there...21:30
*** dolphm has joined #openstack21:31
*** ZyTer_ has quit IRC21:32
*** maoy has quit IRC21:32
*** ZyTer_ has joined #openstack21:32
*** jgruber has quit IRC21:34
*** jaypipes has quit IRC21:37
*** nati_ueno has joined #openstack21:37
*** sstent has quit IRC21:37
*** asavu has joined #openstack21:38
*** clopez has joined #openstack21:39
*** sstent has joined #openstack21:39
*** lborda has quit IRC21:39
uvirtbotNew bug: #1015802 in openstack-manuals "For the flavors extension of the Compute API, no GET included on api.openstack.org" [Undecided,New] https://launchpad.net/bugs/101580221:41
larsksNB: the DNAT rule works as long as metadata_host is not 127.0.0.1.21:42
*** tgall_foo has quit IRC21:42
Diopterlarsks: I thought your netstat showed that the metadata service was bound to 0.0.0.0:8775...21:44
larsksIt is.  This doesn't have anything to do with where the service is listening; this is an iptables issue.21:44
larsks...I believe.21:44
larsksAnyway, gotta run.  I think I may submit that special-cases 127.0.0.1.21:44
Diopterlarsks: Works for me when metadata_host is 127.0.0.1. But submit away, my platform is different than yours.21:46
*** leifmadsen has quit IRC21:46
*** james has joined #openstack21:47
*** msavy has quit IRC21:47
*** james has quit IRC21:47
*** leifmadsen has joined #openstack21:47
*** natea has quit IRC21:51
*** panpengjun has joined #openstack21:51
*** shaon has quit IRC21:53
*** panpengjun has quit IRC21:54
*** panpengjun has joined #openstack21:56
*** panpengjun has left #openstack21:57
*** Aaton_off is now known as Aaton21:57
*** markmcclain has quit IRC21:59
*** arBmind has quit IRC22:02
*** Protux has quit IRC22:02
*** dtroyer is now known as dtroyer_zzz22:03
*** crago has joined #openstack22:03
*** johnpostlethwait has quit IRC22:04
*** jplewi has quit IRC22:05
*** wilmoore has joined #openstack22:05
*** nati_uen_ has joined #openstack22:05
*** jplewi has joined #openstack22:05
*** littleidea has quit IRC22:06
*** jplewi has joined #openstack22:07
*** johnpostlethwait has joined #openstack22:07
*** littleidea has joined #openstack22:07
*** jplewi has quit IRC22:08
*** asavu has quit IRC22:08
*** nati_ueno has quit IRC22:09
*** warik has joined #openstack22:11
*** Protux has joined #openstack22:12
*** jplewi has joined #openstack22:12
*** jaustinpage has quit IRC22:14
*** warik has quit IRC22:14
*** robbiew has quit IRC22:16
*** johnpostlethwait has quit IRC22:17
*** warik has joined #openstack22:18
*** rnorwood has quit IRC22:18
*** hunglin has quit IRC22:19
*** ben_duyujie has joined #openstack22:19
*** eglynn has quit IRC22:21
*** dubsquared1 has joined #openstack22:23
*** dubsquared has quit IRC22:23
*** dolphm has quit IRC22:23
*** eglynn has joined #openstack22:29
*** jfluhmann has quit IRC22:30
uvirtbotNew bug: #1015821 in openstack-manuals "Host Aggregates is missing methods on API site" [Undecided,New] https://launchpad.net/bugs/101582122:31
*** avtar has quit IRC22:32
*** ben_duyujie has quit IRC22:38
*** e1mer has joined #openstack22:39
*** shang has quit IRC22:40
*** heckj has joined #openstack22:42
*** mattray has quit IRC22:42
*** nati_uen_ has quit IRC22:44
*** nati_ueno has joined #openstack22:45
*** littleidea has quit IRC22:45
*** ben_duyujie has joined #openstack22:46
*** littleidea has joined #openstack22:46
*** datsun180b has quit IRC22:48
*** mckraken has joined #openstack22:49
*** johnpostlethwait has joined #openstack22:49
*** vitiho has quit IRC22:49
*** eglynn has quit IRC22:51
*** eglynn has joined #openstack22:52
*** NashTrash has quit IRC22:54
*** hermy|away is now known as hermy22:54
*** KarinLevenstein has quit IRC22:55
mckrakenhi.  anyone had problems spawning VM's in Essex with a bunch of these faults:  DetachedInstanceError()  ?22:55
*** heckj has quit IRC22:56
*** albert23 has left #openstack22:56
*** miclorb has joined #openstack22:57
*** eglynn has quit IRC22:59
*** pixelbeat has joined #openstack22:59
*** steveb_ has quit IRC23:00
*** eglynn has joined #openstack23:00
*** dubsquared1 has quit IRC23:01
*** bbcmicrocomputer has quit IRC23:02
*** warik has quit IRC23:02
*** warik has joined #openstack23:02
*** marrusl_ has quit IRC23:03
*** rnirmal has quit IRC23:04
*** steveb_ has joined #openstack23:05
*** tgall_foo has joined #openstack23:06
*** Protux has quit IRC23:06
*** immotus_ has quit IRC23:07
*** trevman2001 has quit IRC23:08
*** dtroyer_zzz is now known as dtroyer23:09
*** patrick1 has joined #openstack23:09
patrick1.23:09
patrick1hi all23:09
*** Ryan_Lane has joined #openstack23:10
*** metral_ has joined #openstack23:10
patrick1it looks like openstack servers require a static IP address, and the ring builder will not allow the use of hostnames instead of IP23:10
patrick1is that true, or are we missing something?23:10
*** metral_ has quit IRC23:11
*** metral has quit IRC23:14
*** dtroyer is now known as dtroyer_zzz23:14
*** dachary has quit IRC23:16
*** lloydde has quit IRC23:18
*** salgado-afk has quit IRC23:19
*** eglynn has quit IRC23:20
*** ben_duyujie has quit IRC23:20
reedclick around this test site when you get the chance please http://stagelists.openstack.org/cgi-bin/mailman/listinfo/23:21
*** cheako has quit IRC23:23
*** mestery has quit IRC23:26
*** bradm has quit IRC23:28
*** eglynn has joined #openstack23:34
*** dolphm has joined #openstack23:34
*** anderstj has quit IRC23:38
*** dolphm has quit IRC23:38
*** nati_uen_ has joined #openstack23:39
*** dtroyer_zzz is now known as dtroyer23:41
*** nati_ueno has quit IRC23:42
*** bradm has joined #openstack23:47
*** littleidea has quit IRC23:48
*** matwood has quit IRC23:49
*** MarkAtwood has quit IRC23:50
*** pvo has quit IRC23:51
*** pvo has joined #openstack23:52
*** nati_ueno has joined #openstack23:53
*** bradm has joined #openstack23:53
*** nati_uen_ has quit IRC23:55
*** agonella has left #openstack23:55
*** mszilagyi has quit IRC23:55
*** nati_ueno has quit IRC23:55
*** nati_ueno has joined #openstack23:55
*** rnorwood has joined #openstack23:56
JoeJulianI'm trying to set up a two compute node system for the first time. I have the controller up and running properly. The first compute node I added, however, shows up as XXX (the time is in sync). I'm not even sure where to start looking. This is all that's in the compute log: http://fpaste.org/PdRI/23:58
*** nati_uen_ has joined #openstack23:59
*** nati_ueno has quit IRC23:59
« Tuesday, 2012-06-19 Index Thursday, 2012-06-21 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!