cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilya musayev <ilya.mailing.li...@gmail.com>
Subject Re: CS VR on VMware
Date Fri, 18 Jul 2014 22:18:15 GMT
Eric,

I used Advanced Shared (non-VPC) zone with ACS, vSphere and vDS on 4.1/4.2

I'll be testing it out on 4.3 shortly, we cant make use of it yet, as 
Management and Storage networks are not supported through vDS.

Regards
ilya
On 7/18/14, 11:47 AM, Eric Neumann - AOD wrote:
> Hi Geoff,
>
> Thanks again for that. :)
> FYI, I have now tested the same environment but reconfigured from distributed switch
to standard switch and it works perfectly.
>
> I'm thinking this is a bug with 4.3.0.1+vSphere5.5+dvswitching...
>
> Is anyone using the above combination successfully?
>
> -----Original Message-----
> From: Geoff Higginbottom [mailto:geoff.higginbottom@shapeblue.com]
> Sent: Saturday, 19 July 2014 1:52 AM
> To: users@cloudstack.apache.org
> Subject: RE: CS VR on VMware
>
> Ha Ha, I just realised I got my numbers all mixed up.
>
> I was referring to upgrading 4.2.1 to 4.3.0.1 !
>
> Unfortunately it did not solve your problem, but it may have been a contributing factor.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: Eric Neumann - AOD [mailto:eric.neumann@aod-cloud.com]
> Sent: 18 July 2014 18:45
> To: 'users@cloudstack.apache.org'
> Subject: RE: CS VR on VMware
>
> Hi Geoff,
> Thank you very much for this info. It hasn’t fixed the issue (same errors/symptoms
as below), but it's good to know the right version of the sysvm to use with 4.3.0.1.
>
> Thanks again,
> Eric
>
> -----Original Message-----
> From: Geoff Higginbottom [mailto:geoff.higginbottom@shapeblue.com]
> Sent: Friday, 18 July 2014 11:21 PM
> To: users@cloudstack.apache.org
> Subject: RE: CS VR on VMware
>
> Hi Eric,
>
> As you are running CloudPlatform 3.0.4.1, you should be using this system VM Template
>
> http://download.cloud.com/templates/4.3/systemvm64template-2014-06-23-master-vmware.ova
>
> This was confirmed to me by the CloudPlatform team very recently in connection with an
upgrade project we were working on, taking the system from CloudPlatform 4.2.1  to 3.0.4.1
>
> You should find this article will help you replace your existing template, with the newer
version.
>
> Regards
>
> Geoff Higginbottom
>
> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581
>
> geoff.higginbottom@shapeblue.com
>
> -----Original Message-----
> From: Eric Neumann - AOD [mailto:eric.neumann@aod-cloud.com]
> Sent: 18 July 2014 16:15
> To: 'users@cloudstack.apache.org'
> Subject: RE: CS VR on VMware
>
> Hi Paul,
> thanks for the replies!
> Yes indeed, the global setting is true and the public and guest networks are configured
as DVSWITCHNAME,,vmwaredvs in the zone.
> Cheers,
> Eric
>
>
> -----Original Message-----
> From: Paul Angus [mailto:paul.angus@shapeblue.com]
> Sent: Friday, 18 July 2014 10:54 PM
> To: users@cloudstack.apache.org
> Subject: RE: CS VR on VMware
>
> Hi Eric,
>
> If you're using distributed vswitches, have you enabled them in the global settings?
>
>
> vmware.use.dvswitch  -  true
>
>
>
>
> Regards,
>
> Paul Angus
> Cloud Architect
> S: +44 20 3603 0540 | M: +447711418784 | T: @CloudyAngus paul.angus@shapeblue.com
>
> -----Original Message-----
> From: Eric Neumann - AOD [mailto:eric.neumann@aod-cloud.com]
> Sent: 18 July 2014 15:46
> To: 'users@cloudstack.apache.org'
> Subject: RE: CS VR on VMware
>
> Hi Paul,
>
> I'm using the 64bit template from 2014-04-13 which I downloaded via http://download.cloud.com/templates/4.3/systemvm64template-2014-04-13-master-vmware.ova
>
> Cheers,
> Eric
>
> -----Original Message-----
> From: Paul Angus [mailto:paul.angus@shapeblue.com]
> Sent: Friday, 18 July 2014 10:25 PM
> To: users@cloudstack.apache.org
> Subject: RE: CS VR on VMware
>
> Hi Eric,
>
> What version of the system VM for VMware are you using?
>
>
>
> Regards,
>
> Paul Angus
> Cloud Architect
> S: +44 20 3603 0540 | M: +447711418784 | T: @CloudyAngus paul.angus@shapeblue.com
>
> -----Original Message-----
> From: Eric Neumann - AOD [mailto:eric.neumann@aod-cloud.com]
> Sent: 18 July 2014 07:56
> To: 'users@cloudstack.apache.org'
> Subject: RE: CS VR on VMware
>
> FYI,
> so to troubleshoot this further I have created completely fresh install of CloudPlatform
4.3.0.1 with a fresh vSphere 5.5 environment using distributed switching - no modifications
to any network service offerings, no modifications to anything for that matter.
>
> Created an isolated network and sure enough the problem presents itself; however doesn't
appear with VPC.
>
> The vSphere notes the following error when trying to create the VR:
>
> Task Name: Reconfigure Distributed Switch
> Target: cloud.public.3004.0.1-<DVSWITCHNAME> (3004 is the public traffic vlan in
this case)
> Status: Cannot complete operation due to concurrent modification by another operation.
>
> The management server log entry i've already posted earlier and just to confirm that
again, as before, the VR is created with 2x public NICs - one in the port group "cloud.public.3004.0.1-<DVSWITCHNAME>"
and one in "cloud.public.3004.200.1-<DVSWITCHNAME>".
>
> And as before, when looking at the VR in CloudPlatform it only shows 3 NICs - Public,
Control, Isolated - as opposed to the actual 4 NICs that the VR is built with.
>
> I'm abandoning this now, but hopefully it'll help someone with troubleshooting whatever
bug is in this area of the system…
>
>
> From: Eric Neumann - AOD
> Sent: Thursday, 17 July 2014 12:32 PM
> To: 'users@cloudstack.apache.org'
> Subject: RE: CS VR on VMware
>
> Thanks Sanjeev,
> That's good to know, however in this scenario we only had a single public IP address
allocated. (and only have one public subnet CIDR in this setup)
>
> -----Original Message-----
> From: Sanjeev Neelarapu [mailto:sanjeev.neelarapu@citrix.com]
> Sent: Thursday, 17 July 2014 12:24 PM
> To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org>
> Subject: RE: CS VR on VMware
>
> Multiple nics for public traffic will be seen on VR if we use public IP addresses from
multiple CIDRs(multiple subnets in different vlans)
> e.g: consume all public IP addresses from one cidr then add another cidr of public ip
addresses(in diff vlan) and use them for any of the SNAT/PF/LB services. In that case one
more nic will be plugged in on VR for public traffic.
>
> -Sanjeev
>
> -----Original Message-----
> From: Eric Neumann - AOD [mailto:eric.neumann@aod-cloud.com]
> Sent: Thursday, July 17, 2014 6:53 AM
> To: 'users@cloudstack.apache.org'
> Subject: RE: CS VR on VMware
>
> And after even further testing, it seems these issues (no source nat entries, additional
nics being created in another public port group) do not occur with a VPC VR, only with a isolated
network VR.
>
> Has anyone encountered anything similar to this?
>
> From: Eric Neumann - AOD
> Sent: Thursday, 17 July 2014 12:38 AM
> To: 'users@cloudstack.apache.org'
> Subject: RE: CS VR on VMware
>
> Hi Jayapal,
>
> Thanks very much for the reply.
>
>
>
> This is a custom network offering with a default egress policy of deny.
>
>
>
> Slight correction from earlier, it appears the default iptable entries are identical
between Xen VR & VMware VR of the same network offering. Also I’ve tested and confirmed
that additional egress policies do successfully get applied to the iptables in both scenarios.
>
>
>
> What I found though was that the source nat entry on the VMware VR was missing, so it
seems that isn’t being created for some reason.
>
>
>
> I’ve also noticed that the VMware VR had 5 NICs, rather than the 3 NICs I was expecting
– 1xmgmt_network, 1xcloud.guest.916.10000.VDSNAME, 1xcloud.public.3004.10000.VDSNAME and
then an additional 2x in cloud.public.3004.0.VDSNAME which doesn’t seem right.
>
>
>
> network_offerings table’s entry of the offering in question - http://pastebin.com/h4V8aKW9
(just to recap though, the problem seems to present on VMware only, not Xen even though they
share the same network offering…)
>
>
>
> the management server log output when creating a new network/VR is here - http://pastebin.com/UmMDYrt2
>
>
>
> The juicy bit seems to be this part (thought I’m not entirely sure what it means…
☺ ):
>
>
>
> 2014-07-16 14:08:45,297 ERROR [c.c.h.v.r.VmwareResource] (DirectAgent-322:ctx-4b3460ba
<<ESXHOST_IP>>) Failed to find DomR VIF to associate/disassociate IP with.
>
> 2014-07-16 14:08:45,297 ERROR [c.c.h.v.r.VmwareResource] (DirectAgent-322:ctx-4b3460ba
<<ESXHOST_IP>>) Unexpected exception: com.cloud.exception.InternalErrorException:
Failed to find DomR VIF to associate/disassociate IP with. will shortcut rest of IPAssoc commands
>
> com.cloud.exception.InternalErrorException: Failed to find DomR VIF to associate/disassociate
IP with.
>
>                  at com.cloud.hypervisor.vmware.resource.VmwareResource.assignPublicIpAddress(VmwareResource.java:1910)
>
>                  at com.cloud.hypervisor.vmware.resource.VmwareResource.execute(VmwareResource.java:2092)
>
>                  at com.cloud.hypervisor.vmware.resource.VmwareResource.executeNetworkElementCommand(VmwareResource.java:431)
>
>                  at com.cloud.hypervisor.vmware.resource.VmwareResource.executeRequest(VmwareResource.java:502)
>
>                  at com.cloud.agent.manager.DirectAgentAttache$Task.runInContext(DirectAgentAttache.java:215)
>
>                  at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:50)
>
>                  at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
>
>                  at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
>
>                  at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
>
>                  at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:47)
>
>                  at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>
>                  at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
>
>                  at java.util.concurrent.FutureTask.run(FutureTask.java:166)
>
>                  at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:165)
>
>                  at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:266)
>
>                  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
>
>                  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>
>                  at java.lang.Thread.run(Thread.java:701)
>
>
>
> Thanks again,
>
> Eric
>
>
>
> [cid:image001.png@01CFA1A0.BEBA8D90]
>
>
>
>
> Eric Neumann   Cloud Services Manager
>
> 5/19 Wotan Street, Innaloo WA 6018
> www.aod-cloud.com<http://www.aod-cloud.com> <http://www.addaxsolutions.com/>
>
>
>
> -----Original Message-----
> From: Jayapal Reddy Uradi [mailto:jayapalreddy.uradi@citrix.com]
> Sent: Wednesday, 16 July 2014 6:36 PM
> To: <users@cloudstack.apache.org<mailto:users@cloudstack.apache.org<mailto:users@cloudstack.apache.org%3cmailto:users@cloudstack.apache.org>>>
> Subject: Re: CS VR on VMware
>
>
>
> Hi Eric,
>
>
>
> Did you created network with default network offering or customer network offering ?
>
> What is egress default policy value (true) in the network offering ?
>
>
>
> Can you please send iptables rules on VR, MS server log after VR start and network_offerings,
network table output in pastebin.com
>
>
>
> Thanks,
>
> Jayapal
>
> On 16-Jul-2014, at 3:48 PM, Eric Neumann - AOD <eric.neumann@aod-cloud.com<mailto:eric.neumann@aod-cloud.com<mailto:eric.neumann@aod-cloud.com%3cmailto:eric.neumann@aod-cloud.com<mailto:eric.neumann@aod-cloud.com%3cmailto:eric.neumann@aod-cloud.com%3cmailto:eric.neumann@aod-cloud.com%3cmailto:eric.neumann@aod-cloud.com>>>>
>
> wrote:
>
>
>
>> Hi All,
>> I’ve encountered a strange issue whereby egress firewall rules don’t seem to
apply to any CS VRs that are running on our VMware cluster, whereas any CS VRs running on
our XenServer cluster work as expected (these are in the same and only zone). Even more strangely,
port forwarding and ingress firewall rules do apply correctly in either scenario.
>> Has anyone encountered anything similar or has any troubleshooting tips for this?
I have confirmed WAN connectivity, etc. from the VRs console and can see that there’s no
matching entry in the iptables.
>> We are running Citrix CloudPlatform 4.3.0.1.
>> Any pointers would be greatly appreciated!
>> Thanks,
>> Eric
>
>
>
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended solely for
the use of the individual to whom it is addressed. Any views or opinions expressed are solely
those of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company
registered by The Republic of South Africa and is traded under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended solely for
the use of the individual to whom it is addressed. Any views or opinions expressed are solely
those of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company
registered by The Republic of South Africa and is traded under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended solely for
the use of the individual to whom it is addressed. Any views or opinions expressed are solely
those of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company
registered by The Republic of South Africa and is traded under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.
> Find out more about ShapeBlue and our range of CloudStack related services
>
> IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//>
> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/>
> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/>
> CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/>
> CloudStack Bootcamp Training Courses<http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended solely for
the use of the individual to whom it is addressed. Any views or opinions expressed are solely
those of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company
registered by The Republic of South Africa and is traded under license from Shape Blue Ltd.
ShapeBlue is a registered trademark.



Mime
View raw message