Friday, 2010-11-12

« Thursday, 2010-11-11 Index Saturday, 2010-11-13 »
*** EdwinGrubbs has quit IRC00:05
*** JordanRinke has joined #openstack00:21
*** jeremyb_ has quit IRC00:39
*** jeremyb_ has joined #openstack00:39
*** jeremyb_ is now known as jeremyb00:39
*** ccustine has quit IRC00:41
*** gaveen has quit IRC00:43
*** neogenix has joined #openstack00:46
*** gaveen has joined #openstack00:56
*** neogenix_ has joined #openstack01:02
*** ar1 has joined #openstack01:04
*** kim0 has quit IRC01:04
*** neogenix has quit IRC01:04
*** neogenix has joined #openstack01:06
*** azneita has joined #openstack01:06
*** neogenix_ has quit IRC01:08
*** pvo has joined #openstack01:11
*** ChanServ sets mode: +v pvo01:11
*** aliguori has quit IRC01:17
*** rsampaio has joined #openstack01:23
*** Cybodog has joined #openstack01:27
*** azneita has quit IRC01:31
*** aliguori has joined #openstack01:32
*** joearnold has joined #openstack01:49
*** aliguori has quit IRC02:00
*** joearnol_ has joined #openstack02:01
*** joearnold has quit IRC02:02
*** MarkAtwood has joined #openstack02:08
*** sirp1 has joined #openstack02:09
*** daleolds has quit IRC02:09
*** msinhore has joined #openstack02:14
*** sandywalsh has joined #openstack02:14
*** msinhore has quit IRC02:36
*** deshantm has quit IRC02:52
*** deshantm_cosi has quit IRC02:52
*** deshantm has joined #openstack02:56
*** deshantm_cosi has joined #openstack02:56
*** pvo has quit IRC02:56
*** hazmat has quit IRC02:58
*** abecc_ has quit IRC03:10
*** ArdRigh has joined #openstack03:13
*** pvo has joined #openstack03:14
*** ChanServ sets mode: +v pvo03:14
*** colinnich_ has joined #openstack03:17
*** colinnich_ has quit IRC03:19
*** colinnich has quit IRC03:21
*** kw1 has left #openstack03:23
*** lyetz has joined #openstack03:31
*** sirp2 has joined #openstack03:39
*** sirp1 has quit IRC03:39
*** colinnich has joined #openstack03:54
*** azneita has joined #openstack04:01
*** littleidea has joined #openstack04:17
*** ArdRigh has quit IRC04:21
*** EdwinGrubbs has joined #openstack04:30
*** EdwinGrubbs has joined #openstack04:30
*** AimanA is now known as HouseAway04:30
*** sophiap has quit IRC05:00
*** blamar has quit IRC05:08
*** rsampaio has quit IRC05:11
*** blamar has joined #openstack05:22
*** sirp1 has joined #openstack05:30
*** sirp2 has quit IRC05:30
*** thingee has joined #openstack05:32
*** gaveen has quit IRC05:33
*** sirp1 has quit IRC05:39
*** sirp1 has joined #openstack05:40
*** f4m8_ is now known as f4m805:45
*** smoser has joined #openstack05:46
*** colinnich has quit IRC05:46
*** sirp1 has quit IRC05:49
*** thingee has quit IRC05:52
*** joearnol_ has quit IRC05:53
*** MarkAtwood has quit IRC05:55
*** f4m8 has quit IRC06:05
*** perestre1ka has quit IRC06:11
*** perestrelka has joined #openstack06:14
*** almaisan-away is now known as al-maisan06:14
*** littleidea has quit IRC06:15
*** ramkrsna has joined #openstack06:24
*** ramkrsna has joined #openstack06:24
*** kashyapc has joined #openstack06:24
*** miclorb has quit IRC07:00
*** ramkrsna has quit IRC07:00
*** ramkrsna has joined #openstack07:13
*** ibarrera has joined #openstack07:24
*** pvo has quit IRC07:41
*** miclorb_ has joined #openstack07:45
*** miclorb_ has quit IRC07:48
*** smoser has quit IRC08:04
*** kim0 has joined #openstack08:10
*** kim0 has joined #openstack08:10
*** sandywalsh has quit IRC08:14
*** dendrobates is now known as dendro-afk08:17
*** azneita has quit IRC08:26
*** miclorb has joined #openstack08:30
*** pvo has joined #openstack08:33
*** ChanServ sets mode: +v pvo08:33
*** allsystemsarego has joined #openstack08:40
*** miclorb has quit IRC08:49
*** pvo has quit IRC08:51
*** f4m8 has joined #openstack08:54
*** sandywalsh has joined #openstack09:01
*** smoser has joined #openstack09:01
*** miclorb_ has joined #openstack09:08
*** miclorb_ has quit IRC09:28
*** sandywalsh has quit IRC09:44
*** jfluhmann has quit IRC09:50
*** clayg has quit IRC09:51
*** jfluhmann has joined #openstack09:51
*** miclorb has joined #openstack09:51
*** clayg has joined #openstack09:52
*** dendro-afk is now known as dendrobates10:04
*** miclorb has quit IRC10:06
*** smoser has quit IRC10:18
*** littleidea has joined #openstack10:26
*** smoser has joined #openstack10:30
patri0they, anyone has idea why nova-manage may not work at all?10:38
*** smoser has quit IRC10:46
*** littleidea has quit IRC10:46
*** msinhore has joined #openstack10:48
*** smoser has joined #openstack10:49
*** littleidea has joined #openstack10:53
*** BK_man has joined #openstack10:57
*** al-maisan is now known as almaisan-away10:58
*** hazmat has joined #openstack11:04
*** msinhore has quit IRC11:13
*** ArdRigh has joined #openstack11:16
*** msinhore has joined #openstack11:28
*** littleidea has quit IRC11:44
*** kashyapc has quit IRC11:56
*** ArdRigh has quit IRC11:58
*** ctennis has quit IRC12:06
*** arthurc has joined #openstack12:13
*** msinhore has quit IRC12:13
*** DubLo7 has quit IRC12:18
*** msinhore has joined #openstack12:21
*** eldarnugaev has joined #openstack12:23
*** ctennis has joined #openstack12:23
*** msinhore has quit IRC12:36
*** eldarnugaev has quit IRC12:38
*** jeevan_ullas has quit IRC12:43
*** jeevan_ullas has joined #openstack12:43
*** hazmat has quit IRC12:45
*** almaisan-away is now known as al-maisan13:00
*** DubLo7 has joined #openstack13:16
*** tomo_bot_ has joined #openstack13:17
*** tomo_bot has quit IRC13:17
*** ramkrsna has quit IRC13:17
*** gustavomzw has joined #openstack13:18
*** aliguori has joined #openstack13:19
*** tomo_bot__ has joined #openstack13:19
*** gustavomzw has quit IRC13:20
*** tomo_bot_ has quit IRC13:22
*** rossij has quit IRC13:31
*** dendrobates is now known as dendro-afk13:33
*** perestrelka has quit IRC13:33
*** perestrelka has joined #openstack13:33
*** rossij has joined #openstack13:34
*** tomo_bot__ has quit IRC13:43
*** tomo_bot__ has joined #openstack13:43
*** aliguori has quit IRC13:44
*** tomo_bot___ has joined #openstack13:49
letterjJordanRinke: Can I get an account on the swift cluster set up for the summit?13:50
*** tomo_bot__ has quit IRC13:50
JordanRinkeletterj: pm13:52
letterjthank you13:54
*** ppetraki has joined #openstack13:56
*** DubLo7 has quit IRC13:57
*** Cybodog has quit IRC13:57
*** aliguori has joined #openstack14:00
*** f4m8 is now known as f4m8_14:01
*** piken_afk is now known as piken14:05
pikenmorning14:05
JordanRinkemorning14:11
*** tomo_bot___ has quit IRC14:11
*** JordanRinke has left #openstack14:11
*** tomo_bot___ has joined #openstack14:11
*** westmaas has joined #openstack14:15
*** ar1 has quit IRC14:17
letterjJordan the account you gave me returns a 401 on auth14:19
*** tomo_bot____ has joined #openstack14:22
*** gondoi has joined #openstack14:23
*** tomo_bot___ has quit IRC14:24
pikenok, question, why in utils.py is a connect being  made to google.com?14:25
*** Ryan_Lane has quit IRC14:28
*** BK_man has quit IRC14:29
*** londo__ has quit IRC14:29
*** EdwinGrubbs has joined #openstack14:29
*** EdwinGrubbs has joined #openstack14:29
*** BK_man has joined #openstack14:30
*** tomo_bot____ has quit IRC14:42
*** tomo_bot____ has joined #openstack14:43
*** smoser has quit IRC14:45
*** tomo_bot_____ has joined #openstack14:47
pikenSoren: Vishy: you around?14:48
pikenOr anyone that can help figure out why --fake_tests=True is not forcing binding to localhost14:48
*** JordanRinke has joined #openstack14:48
*** Podilarius has joined #openstack14:50
*** tomo_bot____ has quit IRC14:50
*** Cybodog has joined #openstack14:57
*** jonkelly has joined #openstack14:59
*** pvo has joined #openstack15:00
*** ChanServ sets mode: +v pvo15:00
*** dendro-afk is now known as dendrobates15:03
JordanRinkeword15:05
*** zul has joined #openstack15:05
pvonoun15:05
*** rossi_j has joined #openstack15:05
*** Ryan_Lane has joined #openstack15:06
jonkellynumber?15:07
*** rossij has quit IRC15:08
*** BK_man has quit IRC15:11
*** BK_man has joined #openstack15:13
*** jaypipes has joined #openstack15:15
*** jdarcy has joined #openstack15:15
*** neogenix has quit IRC15:16
vishyhoyoo!15:16
jaypipesvishy: yooho!15:16
*** rsampaio has joined #openstack15:16
*** zaitcev has joined #openstack15:16
*** gustavomzw has joined #openstack15:19
*** kim0 has quit IRC15:19
vishypiken: in get_my_ip, it doesn't work if get_my_ip is in the flag definition, since that runs at import time, before --fake_tests has been set15:21
*** gustavomzw has quit IRC15:21
Ryan_Laneis it possible to run the nodes and the controller on shared storage, like NFS? is it a good/bad idea?15:21
*** thingee has joined #openstack15:22
jaypipesRyan_Lane: wouldn't that be a single point of failure?15:23
Ryan_Lanejaypipes: yes/no15:24
*** smoser has joined #openstack15:24
Ryan_Lanedepends on how you architect the NFS storage15:24
Ryan_Laneusing netapps with fully redundant hardware, and failover units using snapmirror, no15:24
*** gondoi has quit IRC15:25
Ryan_Lanealso a little more flexible than iscsi15:25
*** littleidea has joined #openstack15:26
*** pharkmillups has joined #openstack15:27
jaypipesRyan_Lane: not sure why you'd want/need to run the actual node/controller code on NFS.  I don't see much benefit to it.  Can you elaborate what you're htinking?15:27
Ryan_Laneso the current architecture pulls images from the storage node, and runs them on the compute nodes right?15:28
Ryan_Lanewhat about persistance instances?15:28
*** kim0 has joined #openstack15:28
*** kim0 has joined #openstack15:28
Ryan_LaneIn the VMware world, all instances live on shared storage15:29
Ryan_Lanethis makes things like HA much easier15:29
Ryan_Laneand allows for deduplication of persistance images15:29
Ryan_Laneif the architecture is completely different, and makes this kind of thing irrelevant, then there isn't much reason15:30
Ryan_LaneI'm trying to avoid buying a lot of storage for each compute node15:30
jaypipesRyan_Lane: well, like I said, there's nothing (AFAIK) preventing you from doing it :)15:30
*** thingee has quit IRC15:31
Ryan_Lanedoes the openstack architecture make this kind of thing irrelevant?15:31
BK_manppl, is there are a kind of list with nova's python modules deps (with versions)?15:31
Ryan_Laneis there a better way of going about things? If so, I'd like to follow best practices15:31
jaypipesBK_man: see tools/pip-requires15:31
* BK_man trying to install Nova on RHEL615:31
jaypipesRyan_Lane: one sec15:31
BK_manjaypipes: thanks!15:32
Ryan_LaneI should also mention that this is for a fairly small cluster. Not planning on using a million nodes, like you guys ;).15:33
* BK_man started almost every nova service except volume15:34
BK_manI didn't found any dep on twisted and have version 8.2.0 installed. Is it ok for nova-volume?15:36
BK_mannova.exception.Error: volume group nova-volumes doesn't exist15:37
jaypipesRyan_Lane: sorry, sitting in meeting here at summit trying to pick the name for next release... it's "Cactus"15:38
jaypipesBK_man: no, need the 10.0.4 backported version noted in pip-requires...15:38
Ryan_Lanejaypipes: no worries :)15:39
Ryan_Lanei wanted to make it to the summit15:39
Ryan_LaneI'll be at the meetup in SF though15:39
*** dagger has quit IRC15:44
*** westmaas has quit IRC15:45
*** zul has quit IRC15:46
*** dagger has joined #openstack15:46
*** dagger has joined #openstack15:46
*** dysinger has joined #openstack15:48
*** zaitcev has quit IRC15:50
*** daleolds has joined #openstack15:52
*** zaitcev has joined #openstack15:52
*** hggdh has quit IRC15:55
vishyRyan_Lane: I don't think there is really a best-practices yet.  Others have mentioned doing something similar15:56
pikenVishy:  We got around it for now by faking www.google.com in our hosts file.15:56
pikenBut we have another issue. All components come up correctly15:57
*** zaitcev has quit IRC15:57
pikenAll one server15:57
Ryan_Lanevishy: ah, using shared storage?15:57
pikenwe can add a key without an issue, but when we create an instance it never is created15:57
pikendescribe instances says it is scheduled, but we see nothing in the network log, scheduler log, or compute log and the instance is nver created15:57
Ryan_Lanevishy: there are plans for HA, correct? how would one do so without shared storage?15:58
pikenI made sure rabbit is up and nova-api's log shows the message going into rabbitmq15:58
*** dendrobates is now known as dendro-afk15:59
vishyRyan_Lane: we haven't fully addressed HA for vms, we are looking at adding sheepdog support for instances as one possibility16:00
*** zul has joined #openstack16:00
*** thingee has joined #openstack16:01
Ryan_Lanesheepdog?16:01
* Ryan_Lane googles16:01
*** pvo has quit IRC16:01
Ryan_Laneah. distributed storage16:02
jdarcyIf I had unlimited free time, I'd consider using some of it to make a non-qemu-specific version of sheepdog.  But I don't.16:04
pikenanyone have an idea why I can't spawn instances even though all components are using the same mysql and rabbit and all on the same server16:04
*** hggdh has joined #openstack16:04
Ryan_Lanelooks like this is optimized for KVM, which is nice16:04
vishypiken: is the scheduler getting the message?16:05
pikenno16:05
Ryan_Lanewell, if this is going to be the case, then shared storage via NFS looks unnecessary16:05
Ryan_Lanewhich makes my life a little easier16:05
pikenThere is no activity in any log othe then the object store, network, and api16:05
pikens/othe/other/16:05
vishyis scheduler running?16:05
pikenyes16:05
pikenThey were all started by nova.sh. I also ran them all by hand with the previously generated conf16:06
pikenIt seems almost like the messages are getting lost even though they can be seen in the rabbit message logs16:06
*** dendro-afk is now known as dendrobates16:06
vishypossible you have another scheduler/other component eating messages out of the queue16:07
*** rnirmal has joined #openstack16:07
*** ttx has joined #openstack16:08
*** ttx has joined #openstack16:08
pikenI don't think there is. We made sure that the node had nothing running on it first. But I will check again16:08
pikenI just stopped all things on the box and made sure there was nothing running that would eat it.16:14
pikenStill same issue16:14
*** guynaor has left #openstack16:16
pikenIs there a way to change the message queue name to 100% make sure nothing else is pulling from the queue16:17
*** heckj has joined #openstack16:18
heckjnova question: what algorithms are used by the scheduler to lay down VMs on hardware, or where does that code live?16:20
*** sandywalsh has joined #openstack16:22
vishyheckj: see nova/scheduler/simple.py16:23
heckjthanks vish!16:23
pikenvishy: yeah, defn do not have something else on there eating things from the queue that I can tell16:23
kim0Is there any code walk through yet16:23
*** iammartian has joined #openstack16:24
*** clayg_ has joined #openstack16:24
*** heckj has quit IRC16:25
*** al-maisan is now known as almaisan-away16:25
vishypiken: if i'm down to that level, I usually turn on messages from amqlib so i can see the messages going in the nova logs16:26
pikenhow can I turn them on?16:26
pikennever have before16:26
*** smoser has quit IRC16:27
vishylogging.getLogger('amqplib').setLevel(logging.WARN)16:27
vishythere is a line like that in twistd.py16:27
vishyand in server.py (for api)16:28
*** zul has quit IRC16:28
pikenso set them to logging.DEBUG16:28
vishyyeah16:28
vishyit is kind of chatty, but it should show the messages that are getting sent16:29
vishyso you can see if one doesn't get received16:29
pikenok, so I don't see api having any messages going into the queue after all so there for  no messages to be pulled by sched16:31
pikennow I am  even more confused16:31
*** thingee has quit IRC16:32
*** littleidea has quit IRC16:32
pikenWhat would cause that?16:32
BK_manKhm... Can I use twisted 10.1.0 instead of 10.0.4 with nova-volume?16:33
pikenI don't think that should make a difference. At least I hope not as I am using that on centos 5.516:35
vishyMK_man, twisted 10.1 should be fine afaik16:35
BK_manvishy: thanks!16:35
vishypiken: weird, it is getting the requests and returning success but not putting anything into the queue?16:36
*** zul has joined #openstack16:36
pikenno success coming back on run instance, just freezes, but adds it to the db16:36
*** pvo has joined #openstack16:37
*** ChanServ sets mode: +v pvo16:37
letterjJordanRinke: Did you get my note about the account failing auth16:37
*** sirp1 has joined #openstack16:37
vishyhmm, nova-network failure?16:37
pikenno errors reported and I do see logs of iptables stuff in there from the starting net config16:38
letterjNo,16:38
*** westmaas has joined #openstack16:38
*** dragondm has joined #openstack16:38
letterjno the swift instance set up for the conference16:38
vishyso the first thing it does is set network host for project, if that call is failing16:38
BK_manKhm... error still the same: nova.exception.Error: volume group nova-volumes doesn't exist16:38
vishyit would cause a situation like you are describing16:38
JordanRinkeletterj: sorry no I was AFK16:39
vishyapi is calling out to nova-network to set network host16:39
letterjJordanRinke: Can you send me the info again16:39
BK_manwhat is differences between nova.volume.manager.VolumeManager and nova.volume.manager.AOEManager ?16:40
pikenvishy: I don't see anything past the inital setup in the output from network-manager16:40
piken*nova-network16:40
BK_manI have AOEManager on Ubuntu installation and VolumeManager on RHEL6. Where can I configure this?16:40
vishypiken: is it possible you have old data in the database?16:41
vishyif the network for your project has an invalid host name16:41
vishyselect host from networks where project_id is not null16:42
vishymight help16:42
*** littleidea has joined #openstack16:42
vishyBK_man: AOEManager existed in austin release16:42
*** dubsquared1 has joined #openstack16:42
vishyVolumeManager is in current trunk16:43
pikenvishy: using nova.sh to launch. It does a drop on the database and create each start16:43
dubsquared1oh hello16:43
BK_manvishy: ok. What should I do to get nova-volume service to run?16:43
*** zul has quit IRC16:43
BK_manvishy: I mean what should I configure in advance16:43
vishyfunny i just added that info to my readme16:44
vishyhttps://github.com/vishvananda/novascript16:44
*** hornbeck has joined #openstack16:44
vishyscroll down to the Notes section and there are a few commands explaining how to create a volume group for it16:44
BK_manvishy: i see. thanks!16:45
vishypiken: :( try running that sql and see if the host is set for the network16:45
pikenno results returned16:46
vishyoh rly16:46
pikenmysql> select host from networks where project_id is not null;16:46
pikenEmpty set (0.00 sec)16:46
vishyafter trying to run an instance?16:47
pikenyes, the instance is never run or created. There is no log entry's that it was ever attmpted other then in api16:47
vishyso an empty set means that db.project_get_network is not getting called16:48
*** neogenix has joined #openstack16:48
vishyso either nova-api is failing before it gets to that, or it is not talking to the db16:49
*** sandywalsh has quit IRC16:51
pikenhmm, now I am seeing a little more.16:52
pikenthe request went to api, and it looks like it is failing when calling the object store16:52
pikenlooks like it is sitting at establishing HTTP connection16:52
vishywhoot!16:55
vishyis nova-objectstore running correctly?16:55
pikenI can telnet to localhost on 333316:56
JordanRinkeword16:56
pikenis there anyway I can test it?16:57
pikenyeah, it looks like api cannot hit the objectstore16:57
Ryan_LaneIf I need to use a specific vlan, such as 103, can I simply create the bridge/vlan on the compute node and controller directly, then modify the database to use br103 and vlan 103 explicitly?16:57
pikenhttp://paste.openstack.org/show/116/ there is the log output of objectstore16:58
uvirtbotNew bug: #674597 in swift "SAIO docs need a link to skip the loopback section" [Low,New] https://launchpad.net/bugs/67459717:02
*** rlucio has joined #openstack17:03
*** gondoi has joined #openstack17:04
*** kw1 has joined #openstack17:05
*** dubsquared1 has quit IRC17:09
*** dubsquared1 has joined #openstack17:09
*** jaypipes has quit IRC17:09
*** ttx has quit IRC17:10
*** dendrobates has quit IRC17:10
*** glange has quit IRC17:10
*** ttx has joined #openstack17:10
*** Mr_T has quit IRC17:10
*** dfg has quit IRC17:10
*** exlt has quit IRC17:10
*** hazmat has joined #openstack17:11
*** Mr_T has joined #openstack17:11
*** glange has joined #openstack17:11
vishypiken: you could try one of the commands that only hits the objectstore17:12
vishypiken: like euca-upload-bundle17:13
*** letterj has quit IRC17:13
*** gholt has quit IRC17:13
*** annegentle has quit IRC17:13
*** letterj has joined #openstack17:13
*** annegentle has joined #openstack17:13
vishyRyan_Lane: you could just set vlan_start to that value17:13
*** dendrobates has joined #openstack17:14
*** dfg has joined #openstack17:14
Ryan_Lanevishy: yeah, found that :)17:14
vishybut i don't know if you want host managed vlans if you only have one17:14
Ryan_LaneI need to do vlan tagging...17:14
*** gholt has joined #openstack17:15
Ryan_Lanewe are segregating our virtual machines from our production cluster17:15
pikenvishy: Since it uses rest, I did a GET /_images/ HTTP/1.117:15
pikenIt hangs17:15
vishy:(17:15
vishythat sucks17:15
vishyno error message? just hanging?17:15
pikenjust hanging17:15
Ryan_Lanethe vm stats on br103, but now I need to figure out how to get the dhcp server to listen on the right ip, and use the correct range...17:16
pikenvishy: yeah. This is defn the issue. And I can't figure out why17:20
*** gustavomzw has joined #openstack17:20
Ryan_Lanethough, if I'm using flat networking, it should inject the ip info, correct? no dhcp server necessary?17:20
pikenhmm, I set the s3_host in the flagfile and it ignored it for localhost17:22
*** gustavomzw has quit IRC17:22
*** exlt has joined #openstack17:24
*** ChanServ sets mode: +v exlt17:24
*** clayg__ has joined #openstack17:24
*** clayg___ has joined #openstack17:26
*** clayg_ has quit IRC17:26
*** clayg_ has joined #openstack17:27
*** clayg__ has quit IRC17:29
*** msinhore has joined #openstack17:30
*** clayg___ has quit IRC17:30
*** ChanServ sets mode: +v letterj17:30
pikenwoot, got objectstore up17:31
pikenit fails if you have fake_tests set so we can't bypass the connect to google.com which is bad as we have no net access on these nodes.17:31
*** kw1 has left #openstack17:32
pikenhttp://paste.openstack.org/show/117/ here is the logout put of the request going to api and rabbit17:32
*** clayg__ has joined #openstack17:32
pikenand here is the sched output http://paste.openstack.org/show/118/17:33
pikenIt never saw the message in the queue even though it is17:33
*** hggdh has quit IRC17:36
*** clayg_ has quit IRC17:36
*** msinhore has quit IRC17:36
*** sirp1 has quit IRC17:38
pikenAAAAAHAHHHH17:38
pikenvishy: the problem is 100% that get_my_ip connect to google.17:38
pikenI just commented it out and returned localhost and it worked.17:39
*** pandemicsyn has quit IRC17:39
*** pvo has quit IRC17:39
pikenIt was failing because first call from api for provisioning is to compute to determine what node to place it on.17:39
*** smoser has joined #openstack17:40
pikenHere is the actual spawn error17:41
pikenhttp://paste.openstack.org/show/119/17:41
pikenAny ideas?17:41
*** pharkmillups has quit IRC17:43
*** dendrobates is now known as dendro-afk17:44
*** ramkrsna has joined #openstack17:47
*** ramkrsna has joined #openstack17:47
*** ttx has quit IRC17:49
*** littleidea has quit IRC17:49
*** exlt has quit IRC17:50
*** exlt has joined #openstack17:50
*** ChanServ sets mode: +v exlt17:50
*** clayg__ has quit IRC17:50
pikenand yay. Back to where I was with the channel not being read.17:51
piken:(17:51
*** dysinger has quit IRC17:52
*** littleidea has joined #openstack17:52
rluciopiken: what version of libblkid are you using? the error seems to indicate you are using the wrong one.. .also, is it a 32 bit or 64 bit system?17:55
pikenrlucio: 64bit centos517:56
*** topspinkyle has joined #openstack17:57
*** gondoi has quit IRC17:57
*** sophiap has joined #openstack17:58
pikenit is part of util-linux and we built 2.18 from source as centos5 comes with 2.13 by default and its losetup doesn't have --show17:59
*** kim0 has quit IRC17:59
pikenwhat version should we be using?18:00
*** sophiap has quit IRC18:02
*** sophiap has joined #openstack18:03
*** kim0 has joined #openstack18:07
*** dysinger has joined #openstack18:11
*** Ryan_Lane is now known as Ryan_Lane|food18:11
*** rlucio has quit IRC18:13
*** sophiap has quit IRC18:17
vishypiken: yeah there is actaully a patch for that, just needs to be merged18:18
*** Ryan_Lane|food has quit IRC18:18
pikenah, k18:18
BK_manvishy: I created a volume - but there is no /dev/nova-volume device exists. Wha'ts missing?18:19
*** sophiap has joined #openstack18:19
pikenman, this is random. Some times it will create an instance and seem to work fine, but fail durring the spawn. But others it is back to round 1 with the the queue not being read.18:19
vishyBK_man: ubuntu?18:23
BK_manvishy: RHEL618:23
vishyhmm18:23
BK_manvishy: how it looks on Ubuntu?18:24
vishydoes rhel have different udev rules?18:24
BK_manlet me check....18:24
JordanRinkesooo18:25
JordanRinkeall my services but nova-compute start and in the log I get 2010-11-12 12:23:47-0600 [-] socket.error: [Errno 111] Connection refused18:25
JordanRinkeguesses?18:25
*** smoser has quit IRC18:25
JordanRinkealso, I have active hosts on 3333, 8773 and 877418:25
vishyon ubuntu a folder is created in /dev for each volume group18:26
vishyand each lv has a symlink inside of it18:26
*** sophiap has quit IRC18:26
vishylike so: lrwxrwxrwx 1 root root 37 2010-11-08 11:11 vol-k6hu2up9 -> ../mapper/nova--volumes-vol--k6hu2up918:26
vishyi assume it is udev doing it18:26
vishyJordanRinke: rabbit isn't running18:26
JordanRinkebah good call18:27
vishy:)18:27
*** sophiap has joined #openstack18:27
JordanRinkecorrect, rabbitmq isnt installed :-D accidently snipped it off the end of my apt-get hah18:28
*** msinhore has joined #openstack18:34
*** dragondm has quit IRC18:35
*** almaisan-away is now known as al-maisan18:35
*** msinhore has quit IRC18:36
xtoddxhttps://blueprints.launchpad.net/nova/+spec/austin-puppet-deployment can be targeted to bexar and assigned to me or anso.  I'm going to work with Yoko from NII to include their configs as well.18:36
xtoddxhttps://blueprints.launchpad.net/nova/+spec/refactor-auth-unittest is in trunk's version of nova/tests/auth_unittest.py18:37
BK_manvishy: I have 1 VG nova-volumes and it's free. Is it correct setup?18:40
vishyshould be right, how big is it?18:40
BK_manvishy: 1020Mb18:41
vishythat won't be very useful :)18:41
BK_mancreate with losetup in /openstack/nova18:41
BK_manvishy: just for testing18:41
vishyk18:41
vishysure that should be fine18:42
BK_manvishy: what is a way to create a shared storage for VMs?18:42
vishyif you vgs and it shows up you should be good18:42
BK_manvishy: it's ok:"18:42
BK_man]# vgs18:42
BK_man  VG           #PV #LV #SN Attr   VSize    VFree18:42
BK_man  nova-volumes   1   0   0 wz--n- 1020.00m 1020.00m18:42
BK_man  vg_rhel6b2     1   3   0 wz--n-  271.45g       018:42
vishyBK_man: no support for true shared storage yet18:42
pikenvishy: So I think I found the issue. For some reason on my centos5 box, when a message is put in the queue the first time. There is almost a 2-4 min delay before it is seen by the other components.18:42
pikenVery wierd18:43
vishypiken: yes, weird, sounds like amqp is having some trouble18:43
BK_manvishy: can I use a king of cluster fs? GPFS from IBM?18:43
BK_mans/king/kind/18:43
BK_man:)18:43
vishyBK_man: any type of shared storage for vm backing will have to be on the host level18:44
neogenixJordanRinke: thought you had it working already :P18:44
vishyfor the moment18:44
BK_manvishy: ok. stupid question - can nova run on several hosts at the moment?18:45
pikenvishy: Pretty soon there will be a blueprint for VirtFS and implementation for it not making it host level :)18:46
pikenBK_man: yes18:47
pikenI have gotten 5 cloud controllers with schedulers and such running using mysql and the same rabitmq queue with nginx load blancing to them.18:47
pikenThen I have right now 5 compute nodes with just compute running on them.18:47
BK_manpiken: why not to use existing clustered FS in each availability zone?18:48
pikenWe use drdb on the mysql data store to make it stored accross all 5 nodes and also on the persistant rabbit store.18:48
pikenBut if we loose 1 node, everything still runs fine.18:48
BK_manpiken: what will happen if you will loose 2 nodes? cluster split-brain?18:50
*** mdomsch has joined #openstack18:50
BK_manvishy: I create same volume group on a host with Maverick installed and it does not have /dev/nova-volumes directory after that too...18:52
*** joearnold has joined #openstack18:52
BK_manvishy: just using your instructions from "Notes" section18:53
*** ibarrera has quit IRC18:53
BK_manvishy: dd, mkfs.ext4, losetup && vgcreate - nothing else18:53
*** sophiap has quit IRC18:55
dubsquared1piken:  JordanRinke told me you may have or are close to running Nova on CentOS/RHEL?18:55
BK_mandubsquared1: I have all services running except volumes18:57
anticwredbo: about?18:58
*** MarkAtwood has joined #openstack18:58
BK_mandubsquared1: on RHEL6 release18:58
dubsquared1nice, im going to playing with that soon18:58
dubsquared1do you have a blog, or any notes posted?18:58
BK_mandubsquared1: not yet, just a pilot project.18:59
BK_mandubsquared1: we need to wait while EPEL repo will be announced for RHEL6. It was for RHEL6 Beta, but RHEL6 was released a couple of days ago and I think that repo isn't available anymore19:00
BK_mandubsquared1: my plan is to create my own repo for RHEL6 to satisfy nova deps19:00
dubsquared1ah excellent19:01
*** iammartian_ has joined #openstack19:01
dubsquared1yeah, haven't heard the latest on the EPEL for 619:01
*** iammartian_ has quit IRC19:01
dubsquared1that will be super nice19:01
dubsquared1i support that plan19:01
redboanticw: yeah19:03
*** Ryan_Lane|food has joined #openstack19:08
*** Ryan_Lane|food is now known as Ryan_Lane19:09
*** BK_man has quit IRC19:09
*** hggdh has joined #openstack19:10
*** gaveen has joined #openstack19:10
pikendubsquared1: almost there on centos5.5 but util-linux is what has been killing it19:11
pikenThat and rabbit having weird issues.19:11
pikendubsquared1: I am also in the middle of implementing the unified-installer so we have a single working installer for all os'es that we create an install manifest for.19:12
dubsquared1what part of util-linux is the problem?19:12
dubsquared1or parts, rather19:13
pikenlosetup and libblkid19:13
*** westmaas has quit IRC19:13
pikenwe need a newer losetup for centos5, but that brings a new libblkid in that breaks all mount related tools on the box.19:13
pikenie. don't reboot after the make install19:14
*** ramkrsna has quit IRC19:14
JordanRinkeeuca-describe-instances if giving me an error 111 :/19:14
*** kim0 has quit IRC19:14
JordanRinkeand I don't know why now19:14
dubsquared1righto19:14
*** [ack]_ is now known as [ack]19:16
JordanRinkeuser error lol19:18
dubsquared1where were you trying to use it?19:18
dubsquared1locally?19:18
*** rmatte has joined #openstack19:19
*** rmatte has left #openstack19:19
*** Gibby has joined #openstack19:20
*** abecc_ has joined #openstack19:23
*** abecc_ has joined #openstack19:23
*** abecc_ is now known as abecc19:26
*** burris has quit IRC19:31
*** gustavomzw has joined #openstack19:31
*** gustavomzw has quit IRC19:36
*** rlucio has joined #openstack19:40
*** neogenix has quit IRC19:44
xtoddxpvo: https://blueprints.launchpad.net/nova/+spec/admin-only-api could have https://blueprints.launchpad.net/nova/+spec/nova-paste-deploy as a dependency, if you want to take that route (I think it sounds easiest, and swift team likes it)19:45
*** clayg_ has joined #openstack19:46
xtoddxhttps://blueprints.launchpad.net/nova/+spec/bexar-nova-api-docs should have https://blueprints.launchpad.net/nova/+spec/aws-api-validation as a prepreq19:48
xtoddxi really wish i could edit blueprints, by the way :(19:48
*** ctennis has quit IRC19:49
*** hggdh has quit IRC19:50
*** johnbergoon has joined #openstack19:50
*** hggdh has joined #openstack19:52
anticwredbo: nm, i found the guthub thang to email you19:53
anticwredbo: or i assume it did anyhow19:53
redbothe pull request?  I got it.19:54
anticwyeah ... i thought maybe i had to do something else, im used to emailing udiffs about19:54
redboI pulled it, wasn't sure if you meant to leave that fprintf in there, but I changed it to a debugf.19:55
Ryan_LaneI just upgraded nova on lucid, and I'm getting the following error trying to start some services:  No such file or directory: '/usr/lib/pymodules/python2.6/nova/virt/libvirt.rescue.qemu.xml.template'19:58
annegentlefor the InstallFest, we're editing an RST file in Etherpad: http://etherpad.openstack.org/NovaInstallRST19:58
Ryan_Laneany idea what that's from?19:58
anticwredbo: oh, the fprintf shouldn't have been there ... that was me debugging somehting ... a debugf is fine i guess though, not sure the cost is very high19:59
*** zul_ has joined #openstack19:59
*** joearnold has quit IRC20:00
*** joearnold has joined #openstack20:00
*** ctennis has joined #openstack20:01
redboshould be negligible, it just returns without doing anything when it's ran in the background20:01
notmynamegholt: I'm looking at the devauth middleware. I must be missing something. where is the HTTP_X_AUTH_TOKEN getting set in the env?20:01
redbowhy would it ever be set in the env by middleware?20:02
*** hazmat has quit IRC20:03
*** burris has joined #openstack20:06
notmynamethe first line of the middleware checks the env for that var. I'm wondering how it gets there from the header value20:08
redbothat's WSGI20:10
notmynameall the headers go to the env?20:10
redboand CGI before WSGI20:10
notmynameok ok :-)20:11
*** rlucio has quit IRC20:12
*** MarkAtwood has quit IRC20:15
*** westmaas has joined #openstack20:15
*** burris has quit IRC20:17
*** joearnold has quit IRC20:17
*** zul_ is now known as zul20:19
*** MarkAtwood has joined #openstack20:20
*** al-maisan is now known as almaisan-away20:21
*** rlucio has joined #openstack20:23
*** johnbergoon_ has joined #openstack20:31
*** johnbergoon has quit IRC20:34
*** johnbergoon_ is now known as johnbergoon20:34
*** dysinger has quit IRC20:35
*** btorch has quit IRC20:38
*** gaveen has quit IRC20:43
*** clayg_ has quit IRC20:45
*** pvo has joined #openstack20:46
*** pvo has joined #openstack20:46
*** ChanServ sets mode: +v pvo20:46
*** clayg_ has joined #openstack20:49
*** gaveen has joined #openstack20:56
*** littleidea has quit IRC21:00
KnightHackergholt: I just saw your comments on the authentication blueprint https://blueprints.launchpad.net/nova/+spec/openstack-authn . I just wanna make sure that I understand it. So, are you saying that after it gets implemented, we'll integrate it and ship it in OpenStack?, but you are concerned about getting it done during this release?21:00
KnightHackers/this/bexar21:00
*** mdomsch has quit IRC21:00
uvirtbotNew bug: #674687 in swift "Multi node install needs instructions to point proxy to auth if on different servers" [Medium,Triaged] https://launchpad.net/bugs/67468721:01
*** pothos_ has joined #openstack21:02
*** hazmat has joined #openstack21:02
*** gaveen has quit IRC21:03
*** pothos has quit IRC21:05
*** pothos_ is now known as pothos21:05
*** littleidea has joined #openstack21:09
*** msinhore has joined #openstack21:09
*** londo has joined #openstack21:09
pikenok, solution for the losetup and libblkid on centos5 is to build util-linux-ng-2.18 and copy the new losetup binary to the nova install directory and patch nova to call the new binary instead of the one from the path.21:10
gholtKnightHacker: More a concern that it is trying to claim as being THE way to do auth and puts requirements on the services besides just "make auth pluggable with WSGI and optional callbacks".21:15
*** joearnold has joined #openstack21:16
*** msinhore has quit IRC21:16
*** burris has joined #openstack21:19
*** sophiap has joined #openstack21:19
*** gaveen has joined #openstack21:20
pikengholt: maybe there should be an AuthManager like the VolumeManager and NetorkManager that way multipe auth sets can be added by default like oauth and openid, and still leave the abbility to be extended to others by end users.21:29
*** msinhore has joined #openstack21:31
KnightHackergholt: the only thing that it requires services to implement is the communication protocl between the auth component (WSGI component) and the service.21:32
*** msinhore has quit IRC21:34
*** gustavomzw has joined #openstack21:34
*** gustavomzw has quit IRC21:36
KnightHackerAnd this is something that we can help contribute as well.21:41
*** lyetz has quit IRC21:42
*** rlucio has quit IRC21:46
*** westmaas has quit IRC21:48
*** dubsquared1 has left #openstack21:49
*** JordanRinke has quit IRC21:50
*** zul has quit IRC21:51
*** joearnold has quit IRC21:55
*** joearnol_ has joined #openstack21:55
*** rlucio has joined #openstack21:57
*** joearnol_ has quit IRC21:58
*** MarkAtwood has quit IRC22:00
*** jdarcy has quit IRC22:01
*** sirp1 has joined #openstack22:03
*** burris has quit IRC22:04
*** clayg_ has quit IRC22:08
*** dendro-afk is now known as dendrobates22:09
*** dendrobates has joined #openstack22:09
*** ChanServ sets mode: +v dendrobates22:09
*** rsampaio has quit IRC22:13
*** littleidea has quit IRC22:20
*** johnbergoon has quit IRC22:21
*** rlucio has quit IRC22:21
*** johnbergoon has joined #openstack22:21
*** zul has joined #openstack22:25
*** Podilarius has left #openstack22:28
*** Cybodog has quit IRC22:31
*** zul has quit IRC22:39
*** ppetraki has quit IRC22:40
gholtKnightHacker: It's probably just semantics and maybe not all that important.22:42
gholtKnightHacker: It reads as if it will make integrating with existing authentication systems easier, but really it just pushes the integration work to a different area. In fact, forcing support of a reverse proxy option and basic auth will likely make it harder if those options aren't really needed or desired.22:42
gholtKnightHacker: I think (but I'm just one opinion) that it'd be better to change the purpose of the blueprint to creating a default authentication implementation that works with all OpenStack services, but isn't somehow the be-all-end-all last-word on how to do it.22:43
KnightHackergholt: Maybe the blueprint isn't worded right .. or we are having a problem expressing it. But I don't think that we are proposing that this becomes THE authentication.22:44
gholtKnightHacker: Also, specific nitpick, all unauthed requests should not be refused. In Swift, we have the concept of public containers, so unauthed requests should be allowed through and possibly allowed at a lower level.22:45
KnightHackerIt is only an attempt to standardize on how these auth components communicate with the service. So that 3rd party can write different reusable auth components for different standards22:45
KnightHackerwithout having to touch the OpenStack service code.22:45
gholtThey can already do that with WSGI middleware. ;)22:46
KnightHackerAnd our proposed protocol states using WSGI ;).22:46
KnightHackermiddleware that is.22:46
KnightHackergholt: unauthed requests can be accepted as well.22:46
gholtWith Swift, they just set the REMOTE_USER to the authenticated user if there is one and a swift_authorize callback if they'd like to do authorization checks. They can call out to their auth system however they deem best.22:46
KnightHackerYou can deploy two auth components .. one that passes unauthed or public (anonymous) requests.22:47
gholt^^ Which is much like how repoze.who and repoze.what already work22:47
uvirtbotgholt: Error: "^" is not a valid command.22:47
KnightHackerOh .. you can implement the proposed blueprint using any library if you want.22:48
KnightHackerThe reference implementation is just reference for correctness and completeness .. it wasn't intended to be production ready or highly performant or whatever.22:48
KnightHackerI am not against using repoze.who at all.22:49
KnightHackergholt: bare in mind that the proposed blueprint is just to standardize on how it should look between all the OpenStack services. Most of what we are proposing already exists in Swift, as far as I understand.22:50
gholtSo, pretty much, I guess the requirement for a service should simply be "allow a pluggable component that can process requests before they get to a service, setting documented variables indicating authenticated users".22:51
gholtI don't understand why it'd have to be X-Authorization, or Authorization, or X-Auth-Token, or REMOTE_USER, or any particular thing.22:52
*** pvo has quit IRC22:52
KnightHackerSo, that's the first requirement .. yes. You got it.22:53
gholtI don't see the need for any further requirements. Just example implementations.22:53
KnightHackerYour second question .. it is about standardization.22:53
*** jfluhmann has quit IRC22:53
KnightHackerWhy would you ever want every OpenStack service to implement it differently .. or ever worse .. RE-implementing it similarly.22:54
*** DubLo7 has joined #openstack22:54
gholtDifferent languages, different libraries. WSGI is just Python for instance.22:54
KnightHackerAs far as I know we are only accepting Python and C in OpenStack. All APIs, as far as I know .. are in Python. But even then, having the python middleware is a communication between the openstack service and the authentication or IDM system.22:55
KnightHackerSo you can have an IDM system in Java or whatever .. but as long as you have a WSGI middleware, you are set.22:55
KnightHackerMoreover, this argument falls for how it is done today anyways because we are still using WSGI in swift and nova.22:56
KnightHackerBut back again to your original point about how "heavy" the change is.. I honestly don't think it is that much of a chance at all.22:57
gholtSure, but why define how those folks implement their middleware? What if they want to use ActiveDirectory calls in their middleware? Or do they have to change their ActiveDirectory server to support HTTP workflows?22:57
KnightHackerAnd this may be not communicated well during the design summit.22:57
KnightHackerNope. They certainly can write a middleware that talks AD to their AD server.22:58
KnightHackerThen after they do the authentication, it talks back to the openstack service using the predefined protocol.22:58
KnightHackerWe don't care how the auth component authenticates the user. We just care (as already implemented in Swift) about the username after he is authenticated to be passed down to the service.22:59
KnightHackers/talks AD/talks LDAP/22:59
gholtCircles. :) If I make WSGI middleware that sets REMOTE_USER, I should be done. I shouldn't have to offer support for reverse proxy's and basic auth if it's just not needed, desired, feasible, w/e.23:00
KnightHackerhaha. OK .. now that's a different question.23:01
gholtWell, that and the fact that setting REMOTE_USER to the authenticated user is kinda already a convention in use out there.23:02
KnightHackerWe do require that the auth component authenticates itself if it is separated to mitigate security concerns23:02
KnightHackerSo, we can discuss the "name" of the header as one point. The other point I am hearing from you is if I follow the protocol, why do I need to implement the rest of it.23:02
gholtI may be confused by the statement "OpenStack services MUST support both embedded (Option (a)) and external (Option (b)) deployment strategies." Perhaps I'm reading more into that than I should. If Python services must support WSGI middleware authentication components, then the statement is redundant.23:03
KnightHackerFor the second point, it is best practices .. that's what we "require" OpenStack services to implement it so that we avoid again security stuff .. etc.23:03
*** rnirmal has quit IRC23:04
KnightHackerIn this statement, we just meant to say that services shouldn't always assume that the middleware is safe and secure and not injected or poisened.23:04
KnightHackerBecause an Operator can deploy OpenStack service with that middleware separated from the actual service.23:05
*** dubsquared has joined #openstack23:05
gholtWSGI middleware by definition is part of the processes's execution stack doesn't it? How do you have an external WSGI middleware?23:07
*** deshantm has quit IRC23:07
gholtPoor typing and grammar, sorry, heh.23:07
KnightHackergholt: haha .. np :) If you look at the ref implementation. You can run a middleware that is completely separated from an app.23:08
gholtBut... you have to have some middleware that calls out to that separate authentication service. That separate auth service isn't middleware itself.23:09
KnightHackerThis provides the Operator with a lot more flexbility on how to structure and scale his auth scheme.23:09
KnightHackerIn the ref implementation, there is an App or Service. Another file that acts as a middleware (auth component), that you can run separately and it can talk to any authentication system you want.23:10
KnightHackerThose are two different things, I meant to say.23:10
KnightHackerSo, the middleware doesn't have to be "embedded" in your app.23:10
KnightHackerSo, in other words, you can actually run your middleware on a completely separate endpoint if you want to.23:13
KnightHackerAnyways, I am gonna have to head out now, but I would love to continue this discussion later if you still have more questions.23:13
KnightHackergholt: have a good weekend :).23:13
gholtYou too. :)23:14
*** joearnold has joined #openstack23:14
*** littleidea has joined #openstack23:16
*** jtimberman has quit IRC23:20
*** joearnold has quit IRC23:27
*** joearnold has joined #openstack23:27
*** jtimberman has joined #openstack23:29
*** deshantm has joined #openstack23:30
*** schisamo has joined #openstack23:32
*** neogenix has joined #openstack23:39
*** jonkelly has quit IRC23:43
*** schisamo has quit IRC23:49
*** joearnold has quit IRC23:53
*** ArdRigh has joined #openstack23:54
*** aimon has joined #openstack23:54
*** littleidea has quit IRC23:55
*** MarkAtwood has joined #openstack23:59
« Thursday, 2010-11-11 Index Saturday, 2010-11-13 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!