Tuesday, 2011-11-22

vidd	_rfz, yes	00:00
_rfz	how? :)	00:00
_rfz	I keep getting server disconnected	00:00
_rfz	but if I launch it manually I can connect	00:01
coli	_rfz, run tcpdump and see what is happening	00:01
vidd	look at my updated "nova-settings script	00:01
*** cereal_bars has quit IRC		00:02
rmk	vidd: that did it, thanks	00:05
vidd	happy to help =]	00:06
vidd	which of the 3 was it?	00:07
*** dachary has quit IRC		00:08
vidd	rmk, which of the 3 suggestions fixed you?	00:14
rmk	the flag for keystone_ec2_url	00:14
rmk	different problem now	00:14
_rfz	vidd, thanks those 2 options for vnc fixed the problem on the controller node	00:17
vidd	_rfz, you actually thank Kiall for them =]	00:17
*** MarkAt2od has quit IRC		00:18
vidd	rmk, what issue now?	00:18
*** rnirmal has quit IRC		00:20
*** perestre1ka has joined #openstack		00:22
*** MarkAtwood has joined #openstack		00:22
*** CaptTofu1 has joined #openstack		00:22
*** krow1 has quit IRC		00:22
*** deshantm_laptop_ has quit IRC		00:23
*** perestrelka has quit IRC		00:23
*** CaptTofu has quit IRC		00:23
*** Ryan_Lane has quit IRC		00:25
*** dirkx_ has quit IRC		00:25
*** chomping has joined #openstack		00:34
*** RicardoSSP has joined #openstack		00:34
*** RicardoSSP has joined #openstack		00:34
*** pixelbeat has quit IRC		00:34
rmk	IOError: [Errno 2] No such file or directory: '/var/lib/nova/CA/server.csr'\	00:35
vishy	rmk: are you using trunk?	00:36
*** deshantm_laptop_ has joined #openstack		00:36
rmk	vishy: negative, using stable/diablo	00:36
vishy	rmk: because I think i know the bug if so	00:36
vishy	:(	00:36
rmk	Hmm if it's been patched maybe I can add it manually..	00:36
*** Pr0toc0l has left #openstack		00:37
rmk	vishy: It should be looking in /var/lib/nova/CA/projects/<id>/..	00:39
rmk	That's where it's actually creating said certs	00:39
rmk	Only bug I see on the topic is https://bugs.launchpad.net/nova/+bug/757099	00:40
vishy	rmk: do you have --use_project_ca ?	00:40
rmk	I do	00:40
vishy	when do you get that error?	00:40
rmk	Hmm actually it got removed -- re-adding and trying again	00:40
*** abecc has quit IRC		00:40
rmk	Alright yeah I'm back to my original auth error now. My config system undid my temporary nova.conf changes.	00:41
*** vendemiat has joined #openstack		00:42
rmk	The SSL certificate generation and whatnot is fine.	00:42
*** dragondm_ has quit IRC		00:42
vishy	rmk: the image_id is supposed to be int	00:43
rmk	That's what I have currently	00:43
vishy	rmk: I guess the docs need to be updated	00:43
rmk	Getting an auth error	00:43
vishy	rmk: are you using deprecated auth?	00:43
rmk	keystone	00:43
vishy	yeah that won't work	00:43
vishy	rmk: it tries to get the access and secret from the db	00:43
vishy	rmk: they aren't in the db	00:44
rmk	Hmm	00:44
vishy	if you have keystone configured with ec2 creds	00:44
rmk	I do	00:44
vishy	you could modify the vpn boot command to accept a secret and access instead of a tenant id	00:44
vishy	and you might be able to get it to work that way	00:44
vishy	that's why it has a note about only works with deprecated auth	00:44
rmk	Yeah I was hoping I could work through whatever the issue there was	00:45
rmk	I would have skipped keystone for now if I could live without the dash	00:45
*** MarkAtwood has quit IRC		00:46
vishy	rmk: well you can create a tool that boots vpn instances from the outside perhaps :)	00:46
rmk	This is true	00:46
vishy	rmk: but i think you will have other problems	00:46
vishy	trying to modify nova to do it	00:46
rmk	I'll probably end up creating a vpn appliance which tenants can just launch themselves	00:47
vishy	rmk: it won't make the keys and cas properly without users and projects	00:47
vishy	rmk: workaround	00:47
vishy	create all of the users and projects from keystone in nova with the same secret and access keys	00:47
vishy	and it should work.	00:47
vishy	ugly hack though	00:48
vishy	and you might have issues with tenant_id vs tenant_name	00:48
rmk	vishy: Would have to insert manually into the db, right?	00:48
*** jkyle has quit IRC		00:49
*** negronjl has quit IRC		00:49
vishy	rmk: no you can use nova-manage user create	00:51
vishy	and nova-manage project create	00:51
vishy	I think you will have to use the tenant_id as the project name when you create it	00:51
*** livemoon has joined #openstack		00:51
vishy	user probably username	00:51
rmk	ok I see what you're saying	00:52
rmk	I'd already created keystone ec2 creds	00:52
rmk	Sounds like this model would have me creating them in nova first, then adding them to keystone	00:52
rmk	So both sides match	00:52
livemoon	hi,vishy	00:52
*** MarkAtwood has joined #openstack		00:53
vishy	rmk: either way	00:53
rmk	Well your way means I don't have to do anything manual with nova	00:53
vishy	rmk: be nice to get the vpn code working again	00:53
rmk	Otherwise the key/secrets are non deterministic	00:53
vishy	but it will take some effort	00:53
vishy	you can specify access and secret with nova-manage user create	00:53
rmk	ah didn't know that	00:53
vishy	it gives you a uuid if you don't specify	00:54
vishy	undocumented ;)	00:54
rmk	grumble	00:54
rmk	:)	00:54
*** negronjl has joined #openstack		00:54
rmk	Actually it's in the help section for user create	00:55
WormMan	I've resorted to adding the user with keystone, logging into the dashboard to make the nova user, exporting the RC, then fixing it with the correct credentials and adding the euca creds to keystone	00:56
*** dolphm has joined #openstack		00:57
*** RicardoSSP has quit IRC		00:58
*** rsampaio has joined #openstack		00:59
*** dolphm has quit IRC		01:00
*** nerdstein has joined #openstack		01:01
*** ejat has quit IRC		01:01
*** dolphm has joined #openstack		01:01
*** po has quit IRC		01:02
*** n0ano has joined #openstack		01:03
*** n0ano has quit IRC		01:03
*** rsampaio has quit IRC		01:03
*** ben_duyujie has joined #openstack		01:04
*** n0ano has joined #openstack		01:04
rmk	vishy: I've got everything matching, still no luck though,.	01:06
*** FallenPegasus has joined #openstack		01:06
*** bryguy has quit IRC		01:07
*** MarkAtwood has quit IRC		01:07
*** vendemiat has quit IRC		01:08
_rfz	I'm having troubles connecting to a VNC on a compute only node - works fine on controller + computr node. It bombs out just before the server handshake	01:09
*** dolphm has quit IRC		01:09
*** bryguy has joined #openstack		01:10
*** webx has quit IRC		01:10
*** FallenPegasus has quit IRC		01:13
*** MarkAtwood has joined #openstack		01:13
rmk	vishy: Disabled keystone auth on glance for the time being and that worked but of course the dashboard doesn't like that at all.	01:14
*** stewart has quit IRC		01:17
*** andrewbogott has quit IRC		01:18
*** deshantm_laptop_ has quit IRC		01:21
*** FallenPegasus has joined #openstack		01:21
*** stewart has joined #openstack		01:21
*** MarkAt2od has joined #openstack		01:23
*** rnirmal has joined #openstack		01:23
*** MarkAtwood has quit IRC		01:24
*** FallenPegasus has quit IRC		01:25
*** adjohn has quit IRC		01:27
*** jkyle has joined #openstack		01:28
*** dotdevops has quit IRC		01:28
*** MarkAt2od has quit IRC		01:33
*** sdake has quit IRC		01:35
*** deshantm_laptop_ has joined #openstack		01:35
*** jog0 has quit IRC		01:36
*** rustam_ has quit IRC		01:37
*** jog0 has joined #openstack		01:39
*** jog0 has quit IRC		01:39
*** vladimir3p has quit IRC		01:39
*** MarkAtwood has joined #openstack		01:46
*** troya has joined #openstack		01:48
*** russellb has quit IRC		01:49
*** CaptTofu1 has quit IRC		01:49
*** CrashHD has joined #openstack		01:49
*** russellb has joined #openstack		01:49
*** CaptTofu has joined #openstack		01:50
*** dendro-afk is now known as dendrobates		01:51
*** CaptTofu has quit IRC		01:51
*** CrashHD has left #openstack		01:51
*** dpippenger has quit IRC		01:58
HugoKuo__	morning	01:58
*** rnirmal has quit IRC		01:59
*** jiva has joined #openstack		02:00
*** jiva has left #openstack		02:00
*** bengrue has quit IRC		02:01
ben_duyujie	did you know TWCOSUG, HugoKuo?	02:02
*** maplebed has quit IRC		02:03
*** llang629_ has left #openstack		02:04
livemoon	morning	02:05
rmk	Does anyone have a patch for this -- https://bugs.launchpad.net/glance/+bug/876952	02:08
rmk	Found it.	02:10
*** adjohn has joined #openstack		02:10
lzyeval	livemoon: you live in asia?	02:11
*** ejat has joined #openstack		02:13
*** ejat has joined #openstack		02:13
HugoKuo__	Ben_duyujie , yes	02:14
ben_duyujie	:)	02:15
HugoKuo__	Ben_duyujie , will you join the meeting in early December ?	02:15
ben_duyujie	sorry ,i can't come this time	02:17
ben_duyujie	some friends tell me there will be a meeting	02:18
troya	hi All	02:18
HugoKuo__	neither nor I , been called by the military during the week :>	02:19
ben_duyujie	Expect to have more information in the meeting:)	02:20
*** jdurgin has quit IRC		02:21
*** dpippenger has joined #openstack		02:21
ben_duyujie	anybody have used ubuntu11.10+xen4.1 for openstack?	02:22
*** miclorb__ has quit IRC		02:23
*** nerdstein has quit IRC		02:23
*** miclorb_ has joined #openstack		02:23
troya	hi hugokuo	02:24
troya	hi lzyeval	02:24
troya	i have question about creating images, anyone can help me	02:24
*** fysa has quit IRC		02:25
uvirtbot	New bug: #893426 in nova "Suspend/Resume Instances do not check instances' power state" [Undecided,New] https://launchpad.net/bugs/893426	02:26
lzyeval	wuzup troya, I just started also. What problem did you encounter?	02:29
*** misheska has quit IRC		02:33
*** lorin1 has joined #openstack		02:33
*** lorin1 has quit IRC		02:33
HugoKuo__	troya , more info plz	02:35
troya	wait,	02:37
troya	ok HugoKuo, firstly i have problem with dnsmasq of my openstack	02:38
*** obino has quit IRC		02:38
troya	every after restart my server, when i running instances no nova-network.log always appear error message >> ndnsmasq: failed to create listening socket for 10.0.0.1: Address already in use	02:38
troya	so, service my nova-network is not running	02:39
troya	what should i do ?	02:39
troya	i must kill process dnsmasq first, and restart other service then nova-network can run again	02:42
*** osier has joined #openstack		02:42
troya	HugoKuo: any sugesstion, what should i do to solve this ?	02:42
Kiall	edit /etc/default/dnsmasq and set ENABLED = 0	02:48
Kiall	nova-network, rather than upstart, needs to manage the dnsmasq instance	02:49
Kiall	g'night!	02:49
*** shang has quit IRC		02:50
*** shang has joined #openstack		02:52
troya	have a nice dream kiAll, in my country now is morning :)	02:57
*** jdg_ has joined #openstack		02:58
jdg_	exit	02:58
*** jdg_ has quit IRC		02:58
*** catbot has joined #openstack		03:00
catbot	when I tried to get a instances list for me with API, but it always returned all instances of the tenant that I belonged to. any ideas?	03:03
*** wariola has joined #openstack		03:04
*** ben_duyujie has quit IRC		03:05
*** ben_duyujie has joined #openstack		03:07
*** ejat has quit IRC		03:08
*** misheska has joined #openstack		03:10
vidd	catbot, it will return everything in your tenant....	03:11
vidd	thats what it is supposed to do	03:11
vidd	what command are you using to list instances?	03:12
catbot	I listed the instances from dashboard	03:12
catbot	and I don't want access the resources of others in a same tenant	03:14
vidd	catbot, then each user must be thier own tenant	03:14
vidd	what dashboard does is show everything your user has access to	03:15
catbot	I'm afraid that the amount of tenant will be overkill	03:16
*** arrsim has quit IRC		03:16
*** jj0hns0n has quit IRC		03:16
vidd	catbot, say for example you have a user that is a member of 2 tenants, in dashboard, that user will see all resources of both tenants	03:17
vidd	because that user has access to all resources of both tenants	03:18
*** code_franco has quit IRC		03:18
*** arrsim has joined #openstack		03:19
catbot	I remember in cactus, there was another role called 'project' and in diablo, it turned to 'tenant', that's making me confuse	03:21
troya	vidd	03:22
troya	vidd: i cannot access my instances via ssh, ping also.whereas i have configure rule to open port 22,what should i do	03:22
troya	vidd: but when i access it with vncviewer, i can access it.but when ifconfig exeucte, it's appear no IP address	03:23
vidd	catbot, "project" != "tenant"	03:24
*** jj0hns0n has joined #openstack		03:24
vidd	project is a nova thing, tenant is a keystone thing	03:25
vidd	troya, you have keystone enabled?	03:25
troya	no i havent, what's for ?	03:25
vidd	troya, it was a possible cause of your issue...but if you dont have keystone and dashboard, then the issue is something else	03:26
catbot	that's great, vidd	03:26
*** jkyle has quit IRC		03:27
vidd	catbot, i didnt set it up =]	03:27
*** janpychou has joined #openstack		03:28
*** ejat has joined #openstack		03:29
*** ejat has joined #openstack		03:29
troya	i get error message on nova-network.log like >> FixedIpNotFoundForInstance: Instance 2 has zero fixed ips.	03:30
*** obino has joined #openstack		03:31
*** jkyle has joined #openstack		03:31
*** deshantm_laptop_ has quit IRC		03:31
troya	vidd: must i resetting fixed ip and float ip again ?	03:31
troya	any suggestion ?	03:31
vidd	troya, how are you accessing the vnc?	03:34
troya	vncviewar [my_ip]:0	03:35
troya	vncviewer *	03:35
vidd	troya, no idea	03:35
troya	:(	03:37
*** nouse has quit IRC		03:37
*** wariola has quit IRC		03:38
janpychou	hi all,now,I want to delete a tenant,dose the keystone have an interrelated api?	03:40
*** adjohn has quit IRC		03:41
vidd	janpychou, you have dashboard also?	03:44
janpychou	yes	03:46
*** ldlework has quit IRC		03:47
vidd	you "should" be able to do it through dashboard	03:47
janpychou	bu the dashboard cannot delete the tenant	03:47
*** deshantm_laptop_ has joined #openstack		03:48
janpychou	a bug exists	03:49
vidd	there is always the database =]	03:49
*** JesperA has quit IRC		03:51
troya	vidd: how if i want to reconfigure float ip and fixed ip while instance already running ?	03:54
*** jakedahn has quit IRC		03:55
troya	vidd: how if i want to reconfigure float ip and fixed ip while instance already running ?	04:00
vidd	you dont	04:00
*** miclorb_ has quit IRC		04:02
troya	if i terminate instances first ?	04:02
vidd	yes	04:02
vidd	changing the IPs will not likely fix your issue	04:05
troya	so, what should i do ?	04:12
vidd	i told you befor...i dont know	04:13
*** shang has quit IRC		04:14
*** hadrian has quit IRC		04:14
*** ohnoimdead_ has joined #openstack		04:16
*** ohnoimdead_ has quit IRC		04:16
*** ohnoimdead has quit IRC		04:19
*** shang has joined #openstack		04:21
*** jakedahn has joined #openstack		04:34
*** deshantm_laptop_ has quit IRC		04:34
troya	vidd:if on my server i running 2 instances or more, how i access each via vnc ?what is port number which used for each instances ?	04:35
vidd	i only access vnc via dashboard	04:36
*** pradeep has joined #openstack		04:37
*** jakedahn has quit IRC		04:39
*** mdomsch has joined #openstack		04:39
*** jkyle has quit IRC		04:39
*** egant has joined #openstack		04:40
*** dolphm has joined #openstack		04:42
*** jakedahn has joined #openstack		04:43
*** jakedahn has quit IRC		04:44
*** jakedahn has joined #openstack		04:47
*** mdomsch has quit IRC		04:50
*** clauden has quit IRC		04:52
*** pradeep has quit IRC		05:02
*** pradeep1 has joined #openstack		05:04
*** ben_duyujie has quit IRC		05:11
*** clauden has joined #openstack		05:11
*** miclorb_ has joined #openstack		05:13
*** ejat has quit IRC		05:15
*** livemoon has quit IRC		05:18
*** dolphm has quit IRC		05:18
*** rsampaio has joined #openstack		05:19
*** Ryan_Lane has joined #openstack		05:21
troya	hi Ryan_Lane :)	05:24
Ryan_Lane	howdy	05:24
*** halfss has joined #openstack		05:24
halfss	hi how to make siwft proxy node HA?	05:26
troya	Ryan_Lane: i have write some issue on forum, check it out please	05:26
troya	http://forums.openstack.org/viewtopic.php?f=15&t=483	05:26
Ryan_Lane	troya: sorry. I haven't tried vnc yet	05:27
Ryan_Lane	I'm actually not providing console access in my environment at all yet.	05:27
Ryan_Lane	it's kind of low on my priority list :)	05:28
troya	:)	05:28
*** rsampaio has quit IRC		05:28
* Ryan_Lane doesn't need to support windows		05:28
troya	ok, is generally i have issue on my network, i cannot access instances via ssh, whereas i have configure rule of instances	05:28
troya	i have allow port 22, icmp too, but i cannot ping and ssh	05:29
Ryan_Lane	did you check you nova-network log?	05:29
Ryan_Lane	did you ensure the dhcp server is actually handing out the address?	05:29
Ryan_Lane	did you make sure that your bridge and the ethernet device bridged with it have the link set as up?	05:30
troya	yes, i have check it, when i execute nova list instancces appear get ip from dchp	05:30
Ryan_Lane	troya: you should check the log for the dhcp server	05:31
troya	where i can get it ?	05:31
troya	dhcpbirdge do you mean ?	05:31
Ryan_Lane	I think on ubuntu it would show up in /var/log/syslog or /var/log/daemon.log	05:31
Ryan_Lane	likely the same on rhel	05:32
troya	please wait, i must restart my PC	05:32
*** troya has quit IRC		05:32
*** livemoon has joined #openstack		05:35
*** sdake has joined #openstack		05:37
*** haji has quit IRC		05:38
*** llang629 has joined #openstack		05:40
*** miclorb_ has quit IRC		05:44
*** CaptTofu has joined #openstack		05:45
*** martine_ has quit IRC		05:45
*** pgalbraith has joined #openstack		05:49
*** CaptTofu has quit IRC		05:50
*** troya has joined #openstack		05:58
vidd	troya, can you ping the instance via private ip?	05:59
troya	no i can too	06:00
*** localhost has quit IRC		06:00
troya	is it because wrong on my float and fixed ip ?	06:00
vidd	and you do NOT have keystone installed	06:00
troya	no i have no keystone installed	06:00
troya	vidd: my controller ip = 175.103.44.182 then my fixed_ip=10.0.0.0/8	06:01
uvirtbot	New bug: #893456 in nova "poll rebooting still passes instance id" [Medium,In progress] https://launchpad.net/bugs/893456	06:01
troya	i have not configure float ip yet	06:01
*** localhost has joined #openstack		06:01
troya	vidd: is because of different netmask i cannot access instances ?	06:02
vidd	what ip address did your instance get?	06:03
troya	vidd: this is output off nova list command: http://pastebin.com/p9x7Xhwm	06:04
troya	instances get 10.0.0.x	06:04
livemoon	hi	06:05
livemoon	troya	06:05
livemoon	I am busy in the morning	06:05
*** egant has quit IRC		06:05
troya	hi livemoon, oh.i;m sory pm you	06:05
*** cp16net has quit IRC		06:05
*** nerens has joined #openstack		06:06
vidd	what does euca-describe-instances give you?	06:06
troya	livemoon: i still cannot access my instances.whereas it's image from iso	06:06
livemoon	can you use vnc	06:07
*** adjohn has joined #openstack		06:07
troya	vidd: this is	06:07
troya	http://pastebin.com/3hdVWJNX	06:07
troya	livemoon: firstly when installation, i can use vnc.but when i running as instances i cannot	06:08
vidd	and you tried to ping 10.0.0.2?	06:08
troya	livemoon: i still confuse what number port which sould i use to connecting instances via vnc	06:08
troya	vidd: yes, but it's unreachable	06:09
livemoon	vncviewer host_ip :0	06:09
livemoon	vncviewer host_ip :1	06:09
livemoon	first instance is 0 ,the second is 1	06:09
troya	vidd: any idea?	06:11
vidd	nope	06:11
*** cp16net has joined #openstack		06:11
*** pradeep1 has quit IRC		06:11
troya	livemoon: i can access it via vnc with port 1, i don't knw before that port is sequence as instances which runnng	06:12
troya	livemoon: why i cannot ping to instances with private ip ?	06:13
vidd	and you have added the "euca-authorize -P icmp -t -1:-1 default" and "euca-authorize -P tcp -p 22 default" ?	06:13
*** teatimer has joined #openstack		06:13
*** teatimer has left #openstack		06:13
troya	vidd: yes, i have add it to rule	06:13
*** nerens has quit IRC		06:14
livemoon	login instance and see which ip it get	06:15
vidd	what network meathod did you choose?	06:16
troya	llivemoon: when ifconfig, it's appear don't get IP address	06:18
troya	vidd: i use flat_dchp	06:19
vidd	how many eth cards?	06:19
troya	vidd: only one	06:19
vidd	patebin me the output of ifconfig	06:20
troya	vidd: this is output of ifconfig on controller >> http://pastebin.com/WFEVBcfe	06:21
vidd	this is showing 3 vm's	06:23
*** dolphm has joined #openstack		06:23
vidd	but no br100	06:23
troya	but i use: virbr0	06:23
troya	on nova.conf i use virbr0	06:23
vidd	you cant do that	06:24
troya	why ?	06:24
vidd	because virbro is what nova uses to make the networking work	06:25
troya	can you explain me more ?	06:25
vidd	the reason you are having this issue is because you are using virbr0 instead of br100	06:25
*** pradeep1 has joined #openstack		06:26
troya	vidd: can you tell me more about br100 and virbr0	06:27
*** dachary has joined #openstack		06:27
*** ejat has joined #openstack		06:27
*** ejat has joined #openstack		06:27
vidd	yes...you either set it up to use [not virbr0] or it does not work	06:28
troya	ok ok, i will try use br100	06:29
troya	please wait, i will change it	06:30
troya	vidd: how i modify my network ? must i delete it first ?	06:34
vidd	fix the setting in nova.conf and restart all services	06:34
livemoon	troya, sorry , today I am busy in work	06:37
halfss	hi how can i add user to swift?	06:40
*** odyi has joined #openstack		06:43
*** odyi has joined #openstack		06:43
*** koolhead17 has joined #openstack		06:45
troya	livemoon: ok livemoon.nextimes :D	06:45
*** llang629 has left #openstack		06:45
koolhead17	hi all	06:47
troya	hi koolhead	06:48
*** chadh has quit IRC		06:49
*** chadh has joined #openstack		06:49
troya	vidd: service be not enable after i restart them	06:50
vidd	which service?	06:50
troya	firstly for create fixed ip i use parameter --bridge_interface=vibr0	06:51
troya	must i remove network first?	06:51
vidd	for flat dhcp?	06:51
troya	yes, same use vibr0	06:52
troya	mst i remove network first?	06:52
*** ejat has quit IRC		06:53
vidd	to create private network on flat dhcp the command is "nova-manage create private [ip_range] 1 [number_of_ips]	06:53
vidd	the "br100" is assumed	06:54
troya	yes, but there is error mssage to add --bridge_interface yesterday	06:54
vidd	--bridge_interface goes in your nova.conf	06:56
*** dolphm has quit IRC		06:57
*** odyi has quit IRC		06:57
*** rocambol1 has joined #openstack		06:58
*** odyi has joined #openstack		06:58
*** odyi has joined #openstack		06:58
*** yeming has joined #openstack		07:00
troya	vidd: please wait i will restart my komputer	07:00
*** troya has quit IRC		07:00
*** crescendo has joined #openstack		07:02
*** krow has quit IRC		07:03
*** nerens has joined #openstack		07:05
*** mindpixel has joined #openstack		07:09
*** guigui has joined #openstack		07:09
*** cmasseraf has quit IRC		07:11
uvirtbot	New bug: #893466 in horizon "Quantum should either be fully optional or not optional" [Undecided,New] https://launchpad.net/bugs/893466	07:11
*** Ryan_Lane has quit IRC		07:12
*** TheOsprey has joined #openstack		07:13
*** etarasov has joined #openstack		07:14
*** stewart has quit IRC		07:16
*** openpercept has joined #openstack		07:17
*** ejat has joined #openstack		07:18
*** ejat has joined #openstack		07:18
*** troya has joined #openstack		07:19
*** stevegjacobs has quit IRC		07:19
*** clauden has quit IRC		07:20
*** ejat has quit IRC		07:22
*** ejat has joined #openstack		07:23
*** ejat has joined #openstack		07:23
troya	vidd: all service have works	07:25
vidd	you good to go now?	07:25
troya	but i check on database, select * from networks, bridge_interface still virbr0	07:25
troya	whereas i have execute : nova-manage db sync	07:26
*** stewart has joined #openstack		07:29
troya	what should i do, must i empty table ? and create nova network again ?	07:34
troya	or i can modify?	07:34
etarasov	troya: try to modify the table	07:36
vidd	it would be faster to remove and rebuild	07:36
etarasov	http://docs.openstack.org/diablo/openstack-compute/admin/content/creating-certifications.html says that the table could be modified	07:36
etarasov	http://docs.openstack.org/diablo/openstack-compute/admin/content/setting-up-openstack-compute-environment-on-the-compute-node.html	07:37
etarasov	previous link is wrong	07:37
*** koolhead17 has quit IRC		07:43
troya	stil use virbr0 when i execute ifconfig	07:50
troya	i after update tables networks	07:50
*** misheska has quit IRC		07:50
vidd	yes virbr0 is used by libvirt	07:51
vidd	can you ping instances now?	07:54
troya	wait, i run instances again, i have terminated previously	07:56
troya	vidd: it's still failed	07:57
*** ejat has quit IRC		07:57
troya	unreachable	07:57
vidd	does br100 show up in ifconfig now?	07:58
troya	yes, br100 is show, i pastebin it >> http://pastebin.com/rXccL5PJ	07:59
troya	i also have ping br100	07:59
vidd	did you launch 3 instances?	07:59
troya	but why instances can't	07:59
troya	about 4 instances before, but now only one instance	08:00
vidd	there are 3 instances showing in the your ifconfig	08:01
troya	maybe it's previously.now only 1 instances running	08:01
*** rustam has joined #openstack		08:01
vidd	you dont understand....that ifconfig you pasted has 3 registered vm's	08:02
vidd	if you do not have 3 instances at the time you did that ifconfig, then your stuff is messed up (nova database is showing instances that are not actually there)	08:03
vidd	this will mess up your networking	08:03
troya	so, what should i do ?	08:04
vidd	terminate all currently running instances....	08:04
*** miclorb_ has joined #openstack		08:04
troya	i have terminatel all of it,	08:05
troya	only one which runnign now	08:05
vidd	then edit your nova database manually to kill all active instaces	08:05
troya	what table which i must modify ?	08:06
vidd	dunno	08:06
troya	yes, i get it.table instnaces	08:06
*** pradeep1 has quit IRC		08:06
*** lzyeval has quit IRC		08:07
troya	it have many reference id	08:07
vidd	you have all the instances terminated?	08:08
troya	yes, i have terminated all, only one which running	08:08
vidd	terminate the one that is running	08:09
*** rustam has quit IRC		08:09
vidd	ALL of them	08:09
*** dobber has joined #openstack		08:09
troya	please wait vidd, i go out for few times	08:09
vidd	i want to go to bed	08:09
vidd	its after 3 am here	08:10
troya	ok, see you later vidd	08:10
vidd	are all the instances terminated?	08:10
*** cp16net has quit IRC		08:11
*** GheAway is now known as GheRivero		08:13
vidd	troya you there?	08:15
livemoon	vidd	08:20
livemoon	bye	08:20
livemoon	good night	08:20
vidd	yes livemoon	08:20
*** javiF has joined #openstack		08:20
*** Razique has joined #openstack		08:20
*** thickskin has left #openstack		08:21
*** rocambol1 has quit IRC		08:21
*** reidrac has joined #openstack		08:23
*** pradeep has joined #openstack		08:24
*** rocambol1 has joined #openstack		08:25
*** koolhead17 has joined #openstack		08:26
*** rocambol1 has quit IRC		08:30
troya	vidd: i'm sory. i have go out few times ago	08:31
troya	vidd: i have terminated all	08:32
winston-d	Razique : hey, i root-caused and fix the issue found yesterday	08:32
Razique	winston-d: hey	08:32
Razique	sorry not to have been that available yesterday :/	08:32
Razique	tell me	08:32
Razique	hey troya :)	08:32
vidd	delete all rows troya	08:32
troya	hi razique	08:33
troya	vidd: now if config output >> http://pastebin.com/8va9k2r5	08:33
troya	it's do you mean ?	08:33
winston-d	Razique : it was caused by wrong 'host' in nova.networks table. i put ip address in it, but network actually listened on 'network.HOSTNAME' topic	08:34
Razique	oh yah	08:34
Razique	nova don't deals with IP appart from the networks	08:34
vidd	troya, yes...now start an instance	08:34
Razique	on an "admin" plan it deals with host	08:34
winston-d	Razique : now the instance can boot, but DHCP seems not working.	08:35
winston-d	Razique : any hint to debug?	08:35
Razique	winston-d: yup 1: check the dnsmasq process	08:35
Razique	2- is /var/lib/nova/networks/brXXX.conf empty ?	08:35
Razique	3- check var/log/syslog for dhcp leases	08:36
winston-d	Razique: yesh, dnsmasq process is there	08:36
Razique	ok point 2 ?	08:36
troya	vidd: after i run instances, when i execute ifconfig output be : http://pastebin.com/kcDypHn3	08:37
troya	there are more vnet again	08:37
winston-d	point 2, not empty	08:38
Razique	ok	08:39
troya	vidd: how about it ?	08:39
Razique	can I see the file and the "euca-describe-instances" output ?	08:39
*** adjohn has quit IRC		08:41
vidd	troya how many instances are showing in nova database?	08:41
troya	6	08:41
troya	i have not delete rows on tables instances, because it;s have many reference to other tables	08:42
*** foexle has joined #openstack		08:42
foexle	hi	08:43
vidd	troya, can you ping fe80::fc16:3eff:fe30	08:44
vidd	sorry...fe80::fc16:3eff:fe30	08:45
*** rocambol1 has joined #openstack		08:45
vidd	gaaaa......fe80::fc16:3eff:fe30:1328	08:45
troya	vidd: how i can ping it, it's not show their ip address	08:45
vidd	the ipv6 address listed in ifconfig	08:46
*** irahgel has joined #openstack		08:46
troya	which where ?	08:46
livemoon	vidd: haven't you go to bed?	08:47
troya	i have try to access my new instances with vncviewer.but eth0 of instances not showing ip address when i execute ifconfig	08:47
troya	livemoon: he doesn't go to bed for me... hihihihi	08:48
*** jedi4ever has joined #openstack		08:48
*** dysinger has joined #openstack		08:48
troya	livemoon, may be yo can help me to solve my problem ?	08:49
troya	are you still bussy?	08:49
troya	razique: may be you can help me to solve my problem, its about instances which don't get IP address from dhcp, but on nova list instance get it	08:50
troya	Razique: may be you can help me to solve my problem, its about instances which don't get IP address from dhcp, but on nova list instance get it	08:50
livemoon	troya: yes, swift made me crazy	08:51
*** mnour has joined #openstack		08:51
*** kaigan_ has joined #openstack		08:51
*** vdo has joined #openstack		08:51
livemoon	troya, in your instance ,can you use "dhclient" command	08:52
livemoon	use dhclient to get ip	08:52
troya	no i cannot	08:52
livemoon	cannot get ip from dhcp server?	08:53
*** nacx has joined #openstack		08:53
vidd	troya, wait....are you saying that the instance does not show the ip address INSIDE the instance?	08:53
livemoon	what is your instance's os?	08:53
livemoon	vidd, I think the instance cannot get ip	08:53
livemoon	look at your nova-compute and nova-network log	08:53
livemoon	to find some error in it	08:54
troya	livemoon: i use ubuntu 11.04, but it's not tarball. it's i made it yesterday	08:54
winston-d	livemoon : same problem here	08:54
troya	i make it from .iso	08:54
troya	vidd: yes, it don't show ip address on ifconfig	08:54
vidd	its not going to	08:55
livemoon	have you done "sudo rm -rf /etc/udev/rules.d/70-persistent-net.rules" in your image?	08:55
troya	sure vidd	08:55
troya	livemoon: what is it for ?	08:55
livemoon	in your instances ,is eht0 or eth1?	08:55
troya	livemoon: eth0	08:56
vidd	can you ping the ip address that euca gives it?	08:56
troya	vidd: no, i cannot ping it	08:56
vidd	sounds like either your nova config file is still off or your nova database is off or both	09:00
vidd	can you paste me your nova.conf [blankout the mysql password]	09:00
troya	oke, ths is http://pastebin.com/6XTVjut3	09:02
troya	how about it vidd?	09:03
*** pradeep has quit IRC		09:03
vidd	troya, my network section: http://dpaste.com/660138/	09:06
*** javiF has quit IRC		09:07
uvirtbot	New bug: #893494 in nova "20 VM startup using new snapshot = general error mounting filesystems" [Undecided,New] https://launchpad.net/bugs/893494	09:17
*** ejat has joined #openstack		09:18
*** ejat has joined #openstack		09:18
*** pradeep1 has joined #openstack		09:18
*** rustam has joined #openstack		09:22
vidd	troya, i hope that helps...im off to bed	09:23
vidd	for real this time =]	09:23
*** vidd is now known as vidd-away		09:23
*** silenti has joined #openstack		09:24
*** pixelbeat has joined #openstack		09:26
silenti	can't find anywhere in the documentation, can I have more instances of nova-volume per cloud controller? Or maybe there is another way to scale for I/O?	09:27
*** littleidea has joined #openstack		09:29
*** tungvs has joined #openstack		09:31
tungvs	I'm trying to setup openstack in an all-in-one model. I've managed to get the image (ubuntu-local-user, which is noted in the openstack document) bootup. But the error "DataSourceEc2.py[WARNING]: waiting for metadata service at http://169.254.169.254/2009-04-04/meta-data/instance-id" comes up. Dont know what to do next. Any ideas, guys ?	09:33
tungvs	btw, iptables is set: -A PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.58.62.114:8773	09:34
*** zz_bonzay is now known as bonzay		09:35
*** openpercept has quit IRC		09:36
*** darraghb has joined #openstack		09:36
*** tungvs has quit IRC		09:38
*** ejat has quit IRC		09:40
*** javiF has joined #openstack		09:41
etarasov	is there full list of nova.conf flags with possible values?	09:46
*** dirkx_ has joined #openstack		09:46
silenti	etarasov: yes, "nova-compute --help"	09:50
*** ejat has joined #openstack		09:51
*** ejat has joined #openstack		09:51
foexle	it's possible to user security groups without vlan mode ?	09:53
foexle	-r	09:53
*** junaid has joined #openstack		09:58
*** ccc1 has quit IRC		09:58
*** livemoon has left #openstack		09:59
*** nid0 has quit IRC		09:59
halfss	is there anybody know how to look che capacity of swift?	10:04
etarasov	are volumes for instances kept in /var/lib/nova/instances/ or in lvm logical volume?	10:04
*** nid0 has joined #openstack		10:04
reidrac	halfss: capacity? do you mean free disk space?	10:07
reidrac	halfss: get devices free disk space after mkfs and divide it by the number of replicas, and you'll get a good approximation :)	10:08
foexle	etarasov: volumes = lv	10:08
*** Razique has quit IRC		10:09
*** Razique has joined #openstack		10:09
*** troya has quit IRC		10:11
py__	ls	10:13
HugoKuo__	test	10:18
etarasov	foexle: then why it's necessary to mount nfs to /var/lib/nova/instances to perform live migration?	10:19
*** morfeas has quit IRC		10:19
HugoKuo__	halfss , kuras atkisc 是你同事嗎	10:19
koolhead17	HugoKuo__, pass :D	10:19
HugoKuo__	koolhead17 , bonjour	10:20
koolhead17	HugoKuo__, namaste	10:20
koolhead17	Razique, around?	10:20
foexle	in /var/lib/nova/instances will save running instance images	10:22
HugoKuo__	koolhead17 , did you produce any doc on openstack-manuals	10:22
foexle	etarasov: so this images are generated if you are run an instance	10:23
koolhead17	HugoKuo__, am working on it. i need to sit and commit	10:23
foexle	hi koolhead17 :)	10:23
HugoKuo__	got it	10:23
koolhead17	foexle, howdy. :D	10:23
*** dachary has quit IRC		10:23
koolhead17	HugoKuo__, but whatever bug i found in docs i have commented there along with solution and mentioning doc will soon be updated. :D	10:24
koolhead17	HugoKuo__, your using python-novaclient from oneiric repo right?	10:24
*** chadh has quit IRC		10:24
*** lmh has quit IRC		10:25
*** Lumiere has quit IRC		10:25
HugoKuo__	koolhead17 , nope from latest code	10:25
koolhead17	and did you tried it from repo by any chance?	10:25
*** chadh has joined #openstack		10:26
*** lmh has joined #openstack		10:26
*** Lumiere has joined #openstack		10:27
HugoKuo__	koolhead , maybe long time ago ....	10:27
koolhead17	HugoKuo__, also just saw a question > Would it be possible to use git tags to mark released version?	10:27
koolhead17	It seems to me that python-novaclient has no tag	10:27
HugoKuo__	any problems with the repos python-novaclient ?	10:27
koolhead17	HugoKuo__, i am planning to try it today	10:27
HugoKuo__	I'm not such expert with this issue :<	10:28
HugoKuo__	there's a discussion on mailing list	10:28
HugoKuo__	related to your question	10:28
koolhead17	HugoKuo__, thats what i said :D	10:28
*** troya has joined #openstack		10:33
troya	hi all	10:34
*** ejat has quit IRC		10:35
etarasov	foexle: thanks	10:38
etarasov	so, volume storage should be updated then instance is stopped	10:39
foexle	no	10:40
foexle	if instance terminated	10:41
*** mcclurmc has quit IRC		10:42
*** mcclurmc has joined #openstack		10:42
etarasov	so I'm confused about volume/image concept	10:43
*** dirkx_ has quit IRC		10:45
etarasov	can cloud instances be run without nova-volume service?	10:45
foexle	yes, you dont neet to attach an iscsi volume	10:45
foexle	but an instance should be stateless in a cloud	10:45
etarasov	why iscsi/sheepdog is needed?	10:46
etarasov	to save instance state after termination?	10:46
foexle	no not instance state	10:46
foexle	you files	10:46
foexle	persistent sstorage	10:46
foexle	like ebs in ec2	10:46
foexle	+r	10:46
etarasov	ok	10:47
etarasov	I've set --network-manager=nova.network.manager.FlatManager in /etc/nova/nova.conf, but nova-manage config list \| grep network.manager gives --network_manager=nova.network.manager.VlanManager	10:50
etarasov	what can be wrong?	10:50
Razique	back :d	10:51
Razique	troya: still here ?	10:51
foexle	have you reastart all your services?	10:51
foexle	Razique: hey Razique :)	10:51
etarasov	already get it, thanks =)	10:51
etarasov	--network-manager vs --network_manager	10:51
*** TheOsprey has quit IRC		10:52
*** Razique has quit IRC		10:56
*** javiF has quit IRC		10:59
*** Razique has joined #openstack		11:01
troya	razique:i'm sory i will go out now, may be next time	11:03
*** troya has quit IRC		11:03
*** dirkx_ has joined #openstack		11:05
*** silenti has quit IRC		11:07
*** ahasenack has joined #openstack		11:08
foexle	Razique: if i map a public ip to an instance, how can i use this ip ? so network device in each vm	11:08
foexle	Razique: or only a alias to lo:0 ?	11:09
Razique	the nova-network does a nat public ip (floating ip) -> private ip (local ip)	11:09
foexle	yeah i know	11:09
Razique	the instance eth is configured as DHCP, nova-network serves the IP addr.	11:09
*** dachary has joined #openstack		11:10
foexle	ok but how i can tell a service to bind to this public ip ... like apache vhost?	11:10
foexle	or should this bin to local ip ?	11:10
foexle	+d	11:10
Razique	foexle: you can bin to local ip =)	11:10
foexle	ah great	11:10
Razique	the only reason you would need multiple IP is if you use SSL	11:10
Razique	in that case, you would use the multi nic feature	11:11
foexle	why ? .... not for https	11:11
*** nkrinner has joined #openstack		11:11
Razique	because when u configure Apache it require one IP per SSL configuration	11:13
Razique	(until the GNUtls implementation)	11:13
foexle	Razique: nope :D .... not since 1 year	11:13
foexle	you can easy use NamevirtualHost xxx.xxx.xx.xx:443	11:13
Razique	which version of apache implements the multiple SSL per IP ?	11:13
*** yeming has quit IRC		11:14
foexle	i'm looking	11:15
*** kaigan_ has quit IRC		11:15
*** TheOsprey has joined #openstack		11:16
foexle	cant find the version -.-	11:17
foexle	Apache 2.2.12	11:18
foexle	OpenSSL 0.9.8g	11:18
foexle	but IE6 can't handle this i think	11:18
*** GheRivero has quit IRC		11:19
*** miclorb_ has quit IRC		11:21
*** littleidea has quit IRC		11:22
*** jedi4ever has quit IRC		11:22
*** rods has joined #openstack		11:26
*** kaigan_ has joined #openstack		11:28
*** PotHix has joined #openstack		11:29
*** miclorb_ has joined #openstack		11:30
*** GheRivero has joined #openstack		11:32
*** miclorb_ has quit IRC		11:34
Razique	foexle: good to know :)	11:34
Razique	i'll eat, be back later	11:35
Razique	we wisited a new datacenter this morninng for our second cloud	11:35
Razique	and create zones between the two OPS clouds	11:35
*** livemoon has joined #openstack		11:37
*** javiF has joined #openstack		11:46
*** redconnection has quit IRC		11:51
*** redconnection has joined #openstack		11:51
*** Razique_ has joined #openstack		11:54
koolhead17	Razique, :)	11:54
*** redconnection has quit IRC		11:55
*** Razique has quit IRC		11:55
*** Razique_ is now known as Razique		11:55
*** mgoldmann has joined #openstack		11:57
*** dirkx_ has quit IRC		11:59
*** jedi4ever has joined #openstack		12:05
*** pradeep1 has quit IRC		12:05
*** javiF has quit IRC		12:07
*** nkrinner has left #openstack		12:10
foexle	Razique: if i have a instance with 10.0.0.10 and the next one with 10.0.2.2 in the same project, build nova automaticly a correct route ?	12:12
*** dirkx_ has joined #openstack		12:13
etarasov	it seems that storing qcow2 images in glance causes long startup time for instances	12:14
etarasov	there is a qemu-img convert process =\	12:15
*** agosse has joined #openstack		12:15
agosse	so	12:16
agosse	i'm trying to deploy openstack, following the diablo starger guide	12:16
*** littleidea has joined #openstack		12:17
agosse	i'm running into a problem where there's a hard coded pathname in python27/dist.packages/swift/obj/auditor.py +39	12:17
agosse	it's invoking conf.get('devices', '/srv/node');	12:18
agosse	/srv/node doesn't exist, and the diablo starter guide doesn't tell me to create it	12:18
*** [1]halfss has joined #openstack		12:19
*** halfss has quit IRC		12:19
*** [1]halfss is now known as halfss		12:19
agosse	i think that's what the root of my problem is (which is that the swift API is returning 500 internal server error)	12:20
*** osier has quit IRC		12:21
*** redconnection has joined #openstack		12:21
*** halfss has quit IRC		12:21
*** halfss has joined #openstack		12:22
*** javiF has joined #openstack		12:22
*** dysinger has quit IRC		12:22
*** halfss has quit IRC		12:25
*** dirkx_ has quit IRC		12:33
*** Razique_ has joined #openstack		12:33
*** nerdstein has joined #openstack		12:33
*** Razique has quit IRC		12:34
*** Razique_ is now known as Razique		12:34
*** dysinger has joined #openstack		12:34
*** cereal_bars has joined #openstack		12:36
*** zul has quit IRC		12:37
*** jedi4ever has quit IRC		12:38
*** jedi4ever has joined #openstack		12:38
*** zul has joined #openstack		12:38
*** jedi4ever has quit IRC		12:43
*** jedi4ever has joined #openstack		12:43
*** bsza has joined #openstack		12:43
*** Razique has quit IRC		12:45
*** littleidea has quit IRC		12:45
*** littleidea has joined #openstack		12:45
*** dysinger1 has joined #openstack		12:46
*** littleidea has quit IRC		12:46
*** littleidea has joined #openstack		12:46
*** PeteDaGuru has joined #openstack		12:47
*** dysinger has quit IRC		12:49
chmouel	this is probably a documentation bug then that would be good to filled	12:50
*** hadrian has joined #openstack		12:51
*** tokge011 has joined #openstack		12:51
*** bergerx has joined #openstack		12:55
*** martine has joined #openstack		12:56
*** zul has quit IRC		12:57
*** zul has joined #openstack		12:58
*** Razique has joined #openstack		13:01
kodapa	anyone got dashboard running on ubuntu 11.10?	13:02
Razique	foexle: back	13:02
Razique	yup nova builds a route per network	13:02
kodapa	diablo and dashboard from git	13:02
Razique	thus per tenanty	13:02
Razique	tenant *	13:02
*** jeremy has quit IRC		13:02
koolhead17	kodapa, i was not able to until yesterday	13:02
kodapa	I'm just getting Error: Unable to get service info: This error may be caused by a misconfigured Nova url in keystone's service catalog, or by missing openstackx extensions in Nova. See the Horizon README.	13:02
kodapa	koolhead17: yeah, I got it running, but it stopped working after a apt-get update	13:02
kodapa	No idea why (actually no idea why it worked before either :D)	13:03
kodapa	dashboard is magic	13:03
kodapa	when it works, be happy	13:03
koolhead17	kodapa, you used ubuntu repo for dashboard	13:03
koolhead17	Razique, sir	13:03
kodapa	koolhead17: no, nova-compute etc	13:03
Razique	hey koolhead17	13:03
kodapa	koolhead17: dashboard is from git	13:03
foexle	Razique: ah ok ...thats great :D ...	13:03
koolhead17	kodapa, i am trying to do the same but till yesterday due to missing egg bug i was not able to use /install dashboard	13:04
koolhead17	i have keystone and openstack running along side :D	13:04
kodapa	koolhead17: i can login to dashboard and see stuff, I can see volumes and images	13:05
kodapa	koolhead17: and configure tenants and users	13:05
*** GheRivero is now known as GheAway		13:05
kodapa	koolhead17: but I'm getting blablabla openstackx missing	13:05
*** nerens has quit IRC		13:05
*** jeremy has joined #openstack		13:05
foexle	Razique: so if i have an instance with ip 10.0.1.3 and an other one in the same project with ip 10.0.0.23 on an other compute node its no problem ?!	13:05
*** jeremy has quit IRC		13:05
*** jeremy has joined #openstack		13:05
koolhead17	kodapa, https://bugs.launchpad.net/horizon/+bug/888385	13:05
kodapa	koolhead17: and No route matched for GET /1/admin/services in nova-api.log	13:05
*** pfibiger_ has joined #openstack		13:06
Razique	foexle: not at all	13:06
kodapa	koolhead17: hmmm	13:06
koolhead17	kodapa, so am still waiting there. :)	13:06
Razique	in fact when u create a network per tenant you specify it generally for 254 hosts	13:06
kodapa	koolhead17: I could install venv	13:07
kodapa	:S	13:07
*** willaerk has joined #openstack		13:07
foexle	Razique: yes but if i have more then 254 vms in this tenant ?	13:07
*** perestre1ka has quit IRC		13:07
koolhead17	kodapa, haha. not in current situation 4 me	13:07
Razique	foexle: in u plan to have more, then don't go for a /24	13:07
*** pfibiger_ has quit IRC		13:08
foexle	i go for /8 atm .... but only for tests	13:08
Razique	8	13:08
Razique	beware	13:08
Razique	that would require the database to be populated with all adresses within that range	13:08
*** catintheroof has joined #openstack		13:08
foexle	i know :> .... yeah it was only for tests	13:09
Razique	hehe	13:09
Razique	ok	13:09
koolhead17	Razique, will you be here 5-6 hr from now :d	13:10
Razique	yup i'll be there @ work	13:10
kodapa	koolhead17: :/	13:10
Razique	koolhead17: it's no pb	13:10
Razique	i'll be avialable	13:10
*** littleidea has quit IRC		13:11
koolhead17	Razique, awesome, i will reach home that time. i see 5-6 minor edits in documentation and i want to get done with it tonight	13:11
kodapa	koolhead17: just cleaned out my env and reinstalled, no fail	13:11
koolhead17	am also thinking to join the openstack-meeting tonight. although it will be 2.30 am for me	13:11
koolhead17	kodapa, lemme try again	13:11
koolhead17	kodapa, did you used tag for diablo while u got the code from github?	13:15
*** perestrelka has joined #openstack		13:18
*** livemoon has quit IRC		13:23
kodapa	koolhead17: no	13:25
kodapa	koolhead17: just git clone https://github.com/openstack/horizon.git	13:25
koolhead17	kodapa, your supposed to do that i been told because the above clone will get you dashboard 4 essex	13:26
kodapa	hm	13:27
kodapa	koolhead17: why not use openstack-dashboard from ubuntu repos?	13:27
koolhead17	kodapa, it takes some time to package/modify changes out of continuously evolving project like dashboard, thats why	13:29
kodapa	koolhead17: but nova-compute, nova-volume etc from repo is fine?	13:33
koolhead17	kodapa, indeed because its stable AFAIK :)	13:34
kodapa	Hopefully ;P	13:34
foexle	kodapa: more or less ;)	13:34
koolhead17	foexle, +1	13:35
kodapa	?	13:35
kodapa	koolhead17: Command 'egg' not found	13:35
kodapa	:(	13:35
koolhead17	kodapa so the bug still exists. :(	13:35
kodapa	in branch stable/diablo yes	13:36
kodapa	but bug does not exist in master :S	13:36
koolhead17	kodapa, wa00 now that is news. :P	13:37
*** swill has quit IRC		13:37
kodapa	koolhead17: Well I could install venv with master	13:37
*** kerouac has joined #openstack		13:37
kerouac	i have no swauth* commands installed, just man pages	13:38
kerouac	how do i add swift users?	13:38
koolhead17	kodapa, so i can install dash without any issue via master	13:39
kodapa	koolhead17: yes	13:39
* koolhead17 waiting for the installation :D		13:39
kodapa	koolhead17: I got dashboard running yesterday	13:39
*** lts has joined #openstack		13:39
kodapa	koolhead17: but the nova parts stopped working after a update for nova-compute	13:40
*** dirakx1 has joined #openstack		13:40
koolhead17	kodapa, i am assuming that because ur using essex at dash :P	13:40
kodapa	:P	13:41
*** martine has quit IRC		13:41
*** martine has joined #openstack		13:41
stevegjacobs_	hi	13:42
kodapa	hi	13:42
stevegjacobs_	I have a networking issue	13:45
stevegjacobs_	I have assigned a public ip address to a particular instance - like 78.xxx.xxx.50.	13:47
stevegjacobs_	I can ping and ssh to it	13:48
*** lzyeval has joined #openstack		13:48
stevegjacobs_	but I am installing a non-open source application that wants to bind to that ip address for licensing purposes	13:49
stevegjacobs_	and ipconfig on the server only reveals 192.168.x.xxx - the internal address	13:50
*** lucrecius has joined #openstack		13:52
stevegjacobs_	Is there anyway to get the external ip address to work this way?	13:52
stevegjacobs_	wget --bind-address=78.xxx.xxx.50 http://www.paidforapp.com	13:54
dysinger1	the "openstack starter guide" has 2 static interfaces (10.10.10.2 and 192.168.3.1)... but then in the nova.conf examples it adds a third with "--fixed_range=192.168.0.0/16"	13:56
dysinger1	can anyone explain the 192.168.0.0/16 for us ?	13:56
dysinger1	(I'm on nova-core/trunk)	13:56
uvirtbot	New bug: #893578 in nova "VM Stays in rebuild state forever" [Undecided,New] https://launchpad.net/bugs/893578	13:56
uvirtbot	New bug: #893580 in nova "VM goes to "Build timeout" state if the instance is rebuilded with an image in state "queue"" [Undecided,New] https://launchpad.net/bugs/893580	13:56
*** dprince has joined #openstack		13:59
*** sloop has quit IRC		13:59
*** nerdstein has quit IRC		13:59
agosse	?	13:59
foexle	vlan: 100	14:00
foexle	ups :D	14:00
foexle	vlan: 100 in the nova database are the vlan id right ? so its tagged with 100 ?	14:01
*** ldlework has joined #openstack		14:02
uvirtbot	New bug: #893582 in nova "Terminating VM while the VM state is build fails to terminate the VM and VM stays in build state forever and its not possible to terminate the vm after" [Undecided,New] https://launchpad.net/bugs/893582	14:02
*** livemoon has joined #openstack		14:03
*** osier has joined #openstack		14:03
*** nerens has joined #openstack		14:03
*** popux has joined #openstack		14:04
*** lorin1 has joined #openstack		14:06
lucrecius	has anyone had success in running Quantum with the devstack deployment script running in VM?	14:07
lucrecius	posted a question to Quantum Launchpad page here https://answers.launchpad.net/quantum/+question/179620	14:07
uvirtbot	New bug: #893583 in nova "While taking a snapshot deleting the instance makes the snapshot in queue state forever " [Undecided,New] https://launchpad.net/bugs/893583	14:08
uvirtbot	New bug: #893586 in nova "snapshot from a vm in build state stays in queue state forever and instance goes to several intermediate states like ERROR and SHUTOFF state" [Undecided,New] https://launchpad.net/bugs/893586	14:08
uvirtbot	New bug: #893587 in nova "rebuild instance from a snapshot which is in saving state fails to come to active state" [Undecided,New] https://launchpad.net/bugs/893587	14:08
*** chemikadze has joined #openstack		14:10
*** lts has quit IRC		14:11
*** dirkx_ has joined #openstack		14:12
*** livemoon1 has joined #openstack		14:12
*** sloop has joined #openstack		14:12
uvirtbot	New bug: #893579 in nova "Snapshot from Terminating VM stuck in saving state" [Undecided,New] https://launchpad.net/bugs/893579	14:13
*** alekibango has quit IRC		14:14
*** alekibango has joined #openstack		14:14
*** livemoon has quit IRC		14:16
*** swill has joined #openstack		14:17
*** lorin1 has quit IRC		14:18
*** livemoon1 has left #openstack		14:18
*** lorin1 has joined #openstack		14:18
*** lorin1 has joined #openstack		14:19
*** pradeep has joined #openstack		14:20
kerouac	swauth-* andf freinds	14:21
kerouac	are tehy depracated?	14:21
kerouac	anyone ? beuller?	14:21
*** junaid has quit IRC		14:22
notmyname	kerouac: swauth is not part of swift itself anymore. it's been moved to a separate project https://github.com/gholt/swauth	14:23
*** mattray has joined #openstack		14:24
kerouac	ahhhhh	14:24
kerouac	do i use the proxy now instead?	14:24
notmyname	tempauth is now included in swift	14:24
kerouac	i'm reading the tempauth docs	14:24
kerouac	thought it was just 'temporary' until i set up swauth	14:24
kerouac	ok, that makes more sense	14:25
notmyname	tempauth has the same basic features as swauth, but it is much simpler and useful for limited poc or dev work	14:25
kerouac	i can just add the users to teh proxy conf file?	14:25
notmyname	ya, it is "temporary" until you use a prod auth system	14:25
*** lts has joined #openstack		14:25
notmyname	yes. tempauth is entirely configured in the proxy config	14:25
kerouac	notmyname: Dude. Thank you.	14:25
notmyname	np	14:25
foexle	its any one a doc how to use swift with keystone with curl commands ? i mean use ! not configure no admin guide ;)	14:26
notmyname	foexle: there is nothing special about keystone vs swauth vs anything else when using curl. the process is all the same (roughly)	14:27
notmyname	foexle: use curl to make the auth request to keystone	14:27
notmyname	foexle: parse out the auth token from the response body	14:27
notmyname	foexle: use that auth token as the value for the x-auth-token header for all commands you send to swift	14:27
foexle	notmyname: so the first step, auth with username and pw against keystone and then to swift directly ?	14:28
*** abecc has joined #openstack		14:28
notmyname	foexle: auth to keystone with username/pw. use the resulting auth token for swift	14:28
foexle	and swift looks in the keystone db for this token ?	14:28
foexle	so swift dont have this user if i create a user in keystone	14:29
*** hggdh has quit IRC		14:30
notmyname	foexle: swift users and keystone users are differnet (actually, swift doesn't really have "users")	14:31
notmyname	foexle: and yes, swift confirms that the token is valid for the request with keystone (using the keystone-provided middleware in the proxy server)	14:32
foexle	notmyname: ok and with the opetion allow_account_management = true	14:32
foexle	i can use users	14:32
foexle	in swift right ?	14:33
*** gnu111 has joined #openstack		14:33
foexle	if they are in keystone	14:33
notmyname	foexle: that option allows accounts to be created/deleted. you wouldn't want that on a public proxy. set up a private one that your provisioning service can call	14:33
notmyname	foexle: if it helps, the swift "account" is called a "tenant id" in the keystone world	14:34
foexle	ah ok	14:35
foexle	i see ...	14:35
swill	notmyname: have you had any trouble getting the non-admin account to work with swift_auth?	14:35
*** hggdh has joined #openstack		14:36
notmyname	swill: swift_auth?	14:37
*** tryggvil_ has quit IRC		14:37
swill	notmyname: for some reason my admin account works prefectly, but all others dont. curl works for everything, but swift_auth is bombing in the '_keystone_validate_token' function for non admin accounts. yes. swiftauth (part of keystone).	14:37
notmyname	ah ok	14:37
notmyname	that sounds like something you should troubleshoot with the keystone devs. if I were having that problem, I'd ask chmouel first	14:38
* notmyname doesn't use keystone normally		14:38
swill	notmyname: i got the admin account working according to your tips, but i still have not gotten everything else working. i thought you had a test account setup, so i figured i would check if you had run into the same problem.	14:38
swill	ok no worries. :)	14:39
*** andrewbogott has joined #openstack		14:40
*** dubsquared has joined #openstack		14:41
*** misheska has joined #openstack		14:41
*** misheska has quit IRC		14:41
*** gnu111 has quit IRC		14:43
*** javiF has quit IRC		14:44
*** willaerk has quit IRC		14:46
*** AlanClark has joined #openstack		14:46
*** afm has joined #openstack		14:47
zul	10 minutes before the ec2 api team meeting	14:50
*** osier has quit IRC		14:54
*** nRy has quit IRC		14:55
*** DW-10297 has joined #openstack		14:56
DW-10297	Is there a installable openstack single server 'getting started' distro anywhere that one who is interested can mess with, or is it install ubuntu and apt-get install openstack* ?	14:57
zul	yes	14:58
DW-10297	zul: was that to me?	14:59
zul	yes	14:59
DW-10297	So yes to both or ...	15:00
koolhead17	Razique, around? did you put some documentation how api-paste.ini < middleware> nova works with keystone?	15:02
kodapa	(nova.api): TRACE: AttributeError: Values instance has no attribute 'keystone_ec1_url' in nova-api.log	15:04
kodapa	anyone seen that?	15:04
lucrecius	DW-10297: have you tried devstack.org?	15:06
*** dolphm has joined #openstack		15:06
*** nerdstein has joined #openstack		15:08
*** lzyeval has quit IRC		15:10
*** lzyeval has joined #openstack		15:10
agosse	can someone tell me what conf.get('blah', '/srv/nodes') is used for?	15:15
chmouel	agosse: where?	15:16
*** lzyeval has quit IRC		15:16
*** imsplitbit has joined #openstack		15:16
agosse	in python27/dist.packages/swift/obj/auditor.py	15:16
agosse	my swift api is giving me 500s	15:16
*** dirkx_ has quit IRC		15:17
chmouel	it has been removed in 1.4.3 as it's not there	15:17
agosse	and the only errors that i can see by tracing the swift-init rest start command is it trying to open /srv/nodes where /srv/nodes doesn't exist	15:17
*** CaptTofu has joined #openstack		15:17
agosse	this is an install i just started doing this week following the starter guide	15:17
chmouel	well it def needs to be created	15:18
agosse	weirdly, when i set it up on a different box last week it worked perfectly	15:18
chmouel	where is the starter guide?	15:18
chmouel	prbably need to be added there	15:18
agosse	1 sec..	15:18
agosse	http://docs.openstack.org/diablo/openstack-compute/starter/	15:19
chmouel	swill: can you recap me your problem with swift+keystone?	15:19
DW-10297	Is openstack able to efficiently use shared storage yet? I know awhile back someone said it would be coming in diablo	15:19
swill	chmouel: yep. i will put together some pastebins	15:19
*** dolphm is now known as dolph_		15:20
swill	chmouel: basically, i have swiftauth working for for my admin account, but every other account fails. i have narrowed down the issue to the '_keystone_validate_token' function	15:20
chmouel	agosse: i can't find the install part in there	15:20
agosse	for swift?	15:20
chmouel	swill: humm.. i just fixed that function this morning 8-)	15:21
chmouel	agosse: yes	15:21
*** dolph_ is now known as dolphm		15:21
swill	chmouel: specifically the conn = http_connect(...) fucntion	15:21
swill	chmouel: oh... ok	15:21
chmouel	swill: yep i think it's the same prob	15:21
agosse	http://docs.openstack.org/diablo/openstack-compute/starter/content/Swift_install.html	15:21
swill	chmouel: is the newest code in the github repo?	15:21
chmouel	swill: can you try to test with https://review.openstack.org/#change,1717 ?	15:21
chmouel	swill: someone from keystone team need to merge it first	15:22
swill	chmouel: ok, i will test it now.	15:22
chmouel	swill: cheers that would be big help, you can install the catch_errors middleware in swift to catch the exception and that would make things easier fro debugging	15:22
*** pgalbraith has quit IRC		15:22
dolphm	chmouel: swill: we were waiting on feedback from someone from swift before merging	15:22
*** deshantm_laptop has joined #openstack		15:23
notmyname	dolphm: oh ya. ziad sent me an email. let me take a look at that	15:23
*** javiF has joined #openstack		15:23
swill	chmouel: dolphm: I will get testing it now.	15:23
notmyname	(I was traveling all last week)	15:23
chmouel	agosse: well there is not much in there you you prob want to follow the http://swift.openstack.org/development_saio.html for your testing at first	15:24
agosse	chmouel: ta, an opportunity for improvement on the starter guide then?	15:26
chmouel	agosse: yep feel free to get in touch annegentle if you want to help with this	15:26
chmouel	with annegentle i mean	15:27
swill	chmouel: does it matter where catch_errors is installed in the pipeline?	15:27
notmyname	dolphm: what feedback specifically are you looking for from the swift side of things?	15:27
swill	chmouel: i can just put catch_errors first in the pipeline and it should be good?	15:28
chmouel	chmouel: not sure where exactly but something like this would work https://review.openstack.org/#patch,unified,1845,1,files/swift/proxy-server.conf	15:28
chmouel	swill: &&	15:28
notmyname	swill: chmouel: catch_errors in swift should be the first in the pipeline. it's designed to ensure that no tracebacks go to the client. it actually could hide some info potentially. for debugging, you may want to run without it	15:29
notmyname	catch_errors also ensures that the transaction id for the request is set properly	15:29
swill	notmyname: hang on. so should i be using catch_errors or not for debugging?	15:30
chmouel	well the exceptions are not coming to the logs without it	15:30
swill	chmouel: ya, i noticed that too	15:30
*** rocambol1 has quit IRC		15:30
notmyname	swill: I'd start with not using it	15:31
swill	notmyname: ok, i will try with both and see what it changes.	15:31
dolphm	notmyname: i guess 206-210 -- it looks risky to me	15:32
notmyname	chmouel: catch_errors is a basic global try/accept. it shouldn't affect the existence of a tranceback one way or the other. just what happens if there is an uncaught exception	15:32
*** dirakx1 has quit IRC		15:33
chmouel	notmyname: i guess this is a bug then, as without it I don't see the exceptions	15:34
notmyname	chmouel: perhaps, but I may be confused too	15:34
swill	i can confirm that I do not see the exceptions (and I was not using it).	15:34
*** dillon-w has joined #openstack		15:34
notmyname	so an exception is raise and you only see the traceback if catch_errors is in the pipeline? where do you see the traceback?	15:35
swill	notmyname: i just add catch_errors and now I am getting errors in the proxy.error file (before i never got any errors in that file).	15:35
chmouel	yep same thing as swill	15:35
dillon-w	Razique : hi there	15:35
swill	this is going to help. :)	15:36
notmyname	what's the exception?	15:36
chmouel	notmyname: was something coming from the swift+keystone middleware not on swift directly	15:38
swill	chmouel: give me a couple minutes to get the test going. i am doing a quick uninstall and reinstall of my setup to get a clean setup cause I have been fiddling.	15:39
swill	i have it all setup in chef, so it will only take a minute.	15:39
chmouel	nice	15:40
agosse	chmouel: looking at the link you sent me, I can't find /srv/node in the page. all the docs reference /srv/[1-4]/node	15:40
agosse	which is consistent with the starter	15:41
chmouel	agosse: this is because the swift all in one is to allow to have 4 replicas/nodes on the same host	15:41
dillon-w	Razique : around?	15:41
*** PiotrSikora has quit IRC		15:41
agosse	chmouel: starter guide does this now too	15:42
chmouel	agosse: humm i'll need to read over the starter guide more deeply to see what's has been documented wrongly there	15:43
*** PiotrSikora has joined #openstack		15:43
*** tryggvil has joined #openstack		15:47
chmouel	dolphm: I was trying to explain to notmyname by direct message that on the middleware we define the admin of an account/tenant by convention	15:49
*** code_franco has joined #openstack		15:49
*** vladimir3p has joined #openstack		15:50
kodapa	omfg pypi is down :(	15:50
dolphm	chmouel: you mean after your change, correct?	15:51
chmouel	dolphm: yeah	15:51
chmouel	dolphm: I was doing on a group before (Admin)	15:52
swill	chmouel: well the patch applied cleanly. ;) testing now.	15:52
dolphm	chmouel: my only concern is that it could be a dangerous convention to imply admin rights, so I just want to make sure everyone understands the implications :)	15:52
*** dragondm has joined #openstack		15:53
chmouel	dolphm: yep this is definitively need to be documented, I would not mind this to be off by default, but I would assume this is what the user would expect for swift	15:53
chmouel	at least coming from RAX cloudfiles	15:54
*** dragondm has quit IRC		15:54
*** dragondm has joined #openstack		15:55
dolphm	chmouel: i can see it being intuitive, but just because I have a user named 'john' and a tenant named 'john', that doesn't guarantee they're related, much less the same entity... unless everyone using swift expects that to be the behavior	15:56
*** cp16net has joined #openstack		15:56
*** lionel has quit IRC		15:57
*** dragondm_ has joined #openstack		15:57
*** lucrecius has quit IRC		15:57
*** lionel has joined #openstack		15:58
*** dragondm_ has left #openstack		15:58
*** po has joined #openstack		15:58
chmouel	dolphm: ok... so how do I think I should implement the ownership of an account? By a Group?	15:58
kodapa	ERROR [root] invalid sha512-crypt hash	15:58
kodapa	keystone	15:58
kodapa	anyone knows why?	15:58
*** krow has joined #openstack		15:59
notmyname	chmouel: dolphm: not knowing much about the details, I think dolphm makes a pretty good argument	16:00
chmouel	yep that's fair	16:00
koolhead17	so keystone uses Passlib and Dash uses Pycrypto is it?	16:00
*** jkyle has joined #openstack		16:00
*** jedi4ever has quit IRC		16:00
dolphm	chmouel: well, Roles?	16:00
dolphm	koolhead17: is one better than the other somehow?	16:01
dolphm	i think we used passlib because some other project was using it	16:01
*** jedi4ever has joined #openstack		16:01
koolhead17	i donno am kicking my ass figuring out the deps	16:01
dolphm	:(	16:01
koolhead17	dolphm, dash uses pycrypto	16:01
dolphm	koolhead17: i know someone said they couldn't find passlib in ... fedora (?)	16:02
*** jedi4ever has quit IRC		16:02
*** deshantm_laptop has quit IRC		16:02
koolhead17	dolphm, they could have easily installed it from PIP/easy_install :P	16:02
koolhead17	i think that is were kodapa is stuck	16:03
swill	chmouel: wow, i should have noticed this before (thanks to catch_errors, i see it now). I know the 500 error I am getting right now is this one: proxy-server Error: http_connect_raw() got an unexpected keyword argument 'timeout'	16:03
chmouel	swill: that's a heu weird error, what version of swift are you using?	16:04
swill	chmouel: I was getting that before as well.	16:04
swill	chmouel: latest checkout from github	16:04
swill	chmouel: as well as the latest code from keystone (with your patch).	16:04
*** bergerx has quit IRC		16:05
swill	chmouel: that is the same error i was getting before i patched, I saw it as soon as i added catch_errors	16:05
*** nyeates has joined #openstack		16:05
*** dobber has quit IRC		16:05
*** guigui has quit IRC		16:06
swill	you can confirm that there is no timeout parameter here: https://github.com/openstack/swift/blob/master/swift/common/bufferedhttp.py	16:06
chmouel	swill: yep i wonder how come i add that there and it works for me	16:07
chmouel	give me2s	16:07
swill	chmouel: probably because it does not hit that because it is getting it from memcache on your machine	16:07
*** adjohn has joined #openstack		16:07
*** dysinger1 has quit IRC		16:07
swill	chmouel: it only hits it for the non-admin account for me.	16:08
koolhead17	Razique, ping	16:08
*** obino has quit IRC		16:08
*** obino has joined #openstack		16:09
*** reidrac has quit IRC		16:09
chmouel	swill: not sure, going to remove it	16:09
*** freeflying has joined #openstack		16:11
koolhead17	will anyone care to share his working keystone table?	16:12
koolhead17	db	16:12
*** rnirmal has joined #openstack		16:12
swill	chmouel: i removed it and now i get the 403 error again (which is good). now i just need to resolve that issue.	16:12
chmouel	swill: great, I am going to update it and going to disable if username == tenantName then make swift_owner and make it as an option (off by default)	16:13
chmouel	dolphm: ^^^	16:14
*** ayates83 has joined #openstack		16:14
*** freeflyi1g has quit IRC		16:14
*** dysinger has joined #openstack		16:15
*** tylesmit has joined #openstack		16:15
*** mindpixel has quit IRC		16:15
uvirtbot	New bug: #893662 in quantum "Cisco CLI needs to work from installed packages" [Undecided,In progress] https://launchpad.net/bugs/893662	16:16
*** deshantm_laptop has joined #openstack		16:16
swill	chmouel: do you know why i am getting a 403 error? is that part of what you are working on?	16:16
dillon-w	Razique : never mind, i fixed it. :)	16:16
swill	chmouel: i can confirm that the correct identity has been returned by keystone.	16:16
*** nerdstein has quit IRC		16:17
chmouel	swill: I am about to change this part of the code	16:18
swill	chmouel: ok. let me know when you have a patch and I will test it for you. :)	16:18
*** jdg has joined #openstack		16:19
chmouel	tks, you will basically need to have your user with right role (specified by keystone_swift_operator_group option) which would give ACL for other users	16:19
*** dillon-w has quit IRC		16:20
*** TheOsprey has quit IRC		16:20
*** guigui has joined #openstack		16:21
uvirtbot	New bug: #893663 in quantum "Cisco CLI module does not work with installation" [Medium,In progress] https://launchpad.net/bugs/893663	16:21
*** redconnection has quit IRC		16:24
kodapa	FaultWrapper: Values instance has no attribute 'keystone_ec1_url'	16:24
kodapa	Anyone? :P	16:24
*** cereal_bars has quit IRC		16:25
*** guigui has quit IRC		16:25
swill	chmouel: keystone_swift_operator_group option is added to the swiftauth filter or where?	16:25
uvirtbot	New bug: #893665 in quantum "Inconsistencies in the testing section of the Cisco README" [Medium,New] https://launchpad.net/bugs/893665	16:26
chmouel	swill: not yet, I am going to put that by writting and post it to the mailing list before this is implemented inc ase I am missing something	16:26
swill	maybe its just not in the code yet. i will let you work and you can tell me when you have something for me to test.	16:26
swill	chmouel: ok cool.	16:26
*** vidd-away is now known as vidd		16:27
*** lorin1 has quit IRC		16:28
*** popux has quit IRC		16:28
agosse	chmouel: any hints as to what the /srv/nodes directory should look like? or, should some process create it? or, should it be created automatically by installing something (that in this case I might have missed)?	16:29
*** ayates83 has quit IRC		16:30
*** nerens has quit IRC		16:34
*** dysinger has quit IRC		16:34
*** ayates83 has joined #openstack		16:34
btorch	agosse: In swift the /srv/node is just a directory that you would created (manually) where you will have more directories like sd[a-z] for example where you will mount your devices	16:34
*** dobber has joined #openstack		16:35
agosse	btorch: the starter guide and saio both say to create /srv/[1-4]/node/foo	16:37
agosse	the cacti version of the starter guide says to create /srv/node	16:37
*** nerdstein has joined #openstack		16:37
btorch	agosse: ok .. I thought you were refering to a regular setup	16:37
agosse	btorch: i'm a nub, so i have no concept of "regular"	16:38
agosse	;-)	16:38
*** dysinger has joined #openstack		16:38
*** krow has quit IRC		16:38
agosse	does anyone awake here work on atlas-lb?	16:39
*** dysinger has quit IRC		16:39
agosse	just out of curiosity	16:39
*** redconnection has joined #openstack		16:39
*** kbringard has joined #openstack		16:41
btorch	agosse: no worries ... I need to check that saio doc since I haven't checked that in a while but the "devices" parameter and rsync configs is what will use the "/srv/node" direcotry	16:41
*** chemikadze has quit IRC		16:41
*** chemikadze has joined #openstack		16:41
*** CaptTofu has quit IRC		16:42
btorch	agosse: like for example .. on my saio setups I just have /srv/node/sd[a-d] and then I just mount either a block device or a imagefile on each location ... I don't really use the saio docs literaly :)	16:43
*** dobber has quit IRC		16:43
btorch	agosse: checkout the http://swift.openstack.org/1.4.3/development_saio.html doc	16:44
chmouel	swill: so about your 403, what group/roles your user you are testing with is in ?	16:45
btorch	agosse: there is section there for "Using a loopback device for storage" that will help you out	16:45
swill	chmouel: I am testing with a keystone role of Member (does not have any association with anything else from what I can tell).	16:45
swill	chmouel: i had a hard time understanding how I should be setting up the roles in keystone in order to give acl permissions.	16:46
*** irahgel has left #openstack		16:46
swill	chmouel: let me test another user in the Admin role	16:46
chmouel	do you have anything special in keystone_admin_group setting ?	16:47
chmouel	swill: ^^	16:47
swill	chmouel: no, it is the default 'Admin'	16:47
chmouel	so the user who's owner of that account would be the one that are inside the Admin group	16:48
agosse	btorch: yea - there's a bit of interesting linking and stuff going on around that part of the instructions. even funnier is the fact that if you're using the web-based viewer and you hit the next button, it skips right pass both the physical partition and the loop device bits!	16:49
chmouel	and that user after would give persmissions to other users for different containers readwrit etch	16:49
swill	chmouel: ok, i just added another user to the Admin role and i just tested with that user and it works.	16:49
chmouel	swill: cool, so yeah that's what we were talking about	16:50
swill	chmouel: how do you give permissions? and when you talk about an 'account' what are your referring to? a tentant?	16:51
*** Ryan_Lane has joined #openstack		16:51
chmouel	chmouel: yep tenant(keystone)==account(swift)	16:51
agosse	btorch: simple steps, but when you're working through a 50-step procedure and the problem you introduced in step 13 doesn't manifest until like step 48 it's all a bit hairy. (at least, my desk an keyboard are after pulling all of my hair out) ;-) Thanks for the help!	16:51
chmouel	chmouel: to give permission you can use the swift tool (see the --help)	16:51
swill	chmouel: in 'swift --help' i do not see anything about giving users permissions.	16:53
swill	sorry, my fault	16:54
*** andyandy has joined #openstack		16:54
swill	i did not see everything.	16:54
*** andyandy_ has joined #openstack		16:54
chmouel	http://pastie.org/private/4vjbwreo365cgrrbwdqfda	16:54
chmouel	no worries	16:54
* koolhead17 raises his hand and shouts for help		16:55
koolhead17	DEBUG:django_openstack.api:auth_api connection created using url "http://192.68.1.5:5000/v2.0/"	16:56
chmouel	koolhead17: you want to have a working keystone initial data?	16:56
koolhead17	chmouel, yes a sql file will help better, because sampledata files seems too old which i imported	16:56
koolhead17	also DEBUG:django_openstack.api:auth_api connection created using url "http://192.168.1.5:5000/v2.0/"	16:56
koolhead17	it makes me feel dash is talking to keystone isn`t it?	16:57
*** coli has quit IRC		16:58
chmouel	koolhead17: I am not sure tbh	16:59
swill	chmouel: so should anyone outside of the keystone_admin_group be able to do anything with the 'swift' command? if so, does each user have to be explicitly setup by an admin?	17:00
koolhead17	but once i add credentials and click the server gets killed :D	17:00
*** rnorwood has joined #openstack		17:01
*** rsampaio has joined #openstack		17:01
chmouel	swill: they won't be able to do anything	17:01
vidd	koolhead17, how did you add dash/horision?	17:02
chmouel	swill: and yeah it needs to be set explicitely on each container that this other user have those ACL	17:02
swill	chmouel: ok. so only the users in the keystone_admin_group will be able to use the 'swift' command. ok...	17:02
chmouel	swill: yeah at first until that user give permission to other user on that same account	17:02
andyandy_	I want to use a flat network and different subnetwork for each project, can I do it with FlatDHCPManager or I have to use the FlatManager mode? thank you	17:03
koolhead17	vid simple i installed quantum saperately	17:03
koolhead17	in the virtualenv of dashboard :D	17:03
*** guigui1 has joined #openstack		17:03
koolhead17	thanks to kodapa	17:03
swill	chmouel: ok, i will play for a bit and see if I can put together a few working examples for me to test. thanks...	17:03
koolhead17	vidd, now i need your help	17:03
vidd	so you are still doing "git"	17:03
koolhead17	vidd, yes	17:04
koolhead17	:D	17:04
vidd	what OS are you installing on?	17:04
chmouel	swill: yeah it's a bit confsing but I am stil working on it once this is all working I'll make a nice blog post or something like this to explain	17:04
kodapa	chmouel: I want initial data :D	17:05
vidd	koolhead17, ubuntu or something else	17:05
koolhead17	ubuntu :D	17:05
kodapa	chmouel: I can login to dashboard	17:05
kodapa	chmouel: But Unable to list users: [Errno 111] ECONNREFUSED in Users list	17:05
vidd	koolhead17, if you are using ubuntu, why not use Kiall 's ppa?	17:05
kodapa	chmouel: and Unable to get service info: This error may be caused by a misconfigured nova url in keystone's service catalog, or by missing openstackx extensions in nova. See the dashboard README.	17:05
koolhead17	vidd, because am experimenting :D	17:06
vidd	koolhead17, anyway..that is unimportant	17:06
koolhead17	vidd, true	17:06
chmouel	I am using that https://github.com/openstack/keystone/blob/master/keystone/test/sampledata.py but I am not an expert in horizon/keystone	17:07
koolhead17	vidd, help needed there --> keystone talking dash :P	17:07
koolhead17	i wonder WTF my dash gets killed once i pass user credentials :(	17:08
*** catintheroof has quit IRC		17:08
vidd	you set up the horizon database to use mysql or the sqlite default?	17:09
koolhead17	mysql	17:09
*** sandywalsh has joined #openstack		17:10
vidd	is the database populated?	17:10
*** dubsquared has quit IRC		17:11
*** vladimir3p has quit IRC		17:12
koolhead17	yes i can see 5 different table	17:12
vidd	anything in the "django_session" table?	17:12
koolhead17	lemme check	17:12
*** pixelbeat has quit IRC		17:13
*** foexle has quit IRC		17:13
koolhead17	vidd, its empty	17:13
koolhead17	and also i have not added that api-paste.ini with keystone info in nova, i am guessing that could be issue there	17:14
vidd	add some bogus data there and set it to an expire date that is "in the past"	17:14
vidd	koolhead17, it will be an issue for nova talking to keystone [and by extention horizon seeing nova] but that is not the issue you are currently having	17:15
koolhead17	ooh okey	17:15
vidd	we shall burn that bridge next	17:15
vidd	=]	17:16
koolhead17	:)	17:16
vidd	also, how are you launching the dashboard?	17:17
koolhead17	via browser	17:18
vidd	i think you misunderstand the question.....	17:19
koolhead17	ummo k	17:19
vidd	did you add horizon manually to apache or are you using the "launch dashboard" script?	17:19
koolhead17	am using native django server now apache	17:19
kodapa	vidd: I'm having problems with keystone	17:20
vidd	kodapa what issue?	17:20
kodapa	vidd: issue 1: Unable to list users: [Errno 111] ECONNREFUSED in /syspanel/users/	17:20
kodapa	vidd: issue 2: Unable to get service info: This error may be caused by a misconfigured nova url in keystone's service catalog, or by missing openstackx extensions in nova. See the dashboard README.	17:20
kodapa	vidd: I am able to login to dashboard, however	17:20
kodapa	vidd: euca-tools isn't working either	17:21
kodapa	vidd: with the keystone api-paste	17:21
vidd	koolhead17, so what you have is instead of apache giving you an error message like"unable to read session" django is just crashing =]	17:21
*** vdo has quit IRC		17:21
koolhead17	yes	17:21
kodapa	koolhead17: check if you get any python exceptions	17:21
koolhead17	:(	17:21
vidd	koolhead17, did you add that bogus data to the "django_session" field?	17:22
kodapa	vidd: I'm dunning keystone and dashboard from git branch stable/diablo	17:22
kodapa	vidd: also running nova-compute packages from ubuntu 11.10 repos	17:22
*** coli has joined #openstack		17:22
koolhead17	vidd, not yet	17:22
vidd	kodapa pastebin me your endpoint templates from keystone database	17:22
kodapa	vidd: okej	17:22
vidd	koolhead17, the bogus data should fix you right up	17:23
kodapa	vidd: http://pastebin.com/Uc1bTT9M	17:23
*** mdomsch has joined #openstack		17:23
vidd	ok ppl...please do not pm me....i cant help 2 ppl at the same time in 3 differnt windows =]	17:24
vidd	i can only do 5 thingsa t once =]	17:24
*** maplebed has joined #openstack		17:25
vidd	kodapa your templates look off	17:26
uvirtbot	New bug: #893689 in keystone "document-database-schema" [Undecided,New] https://launchpad.net/bugs/893689	17:26
kodapa	vidd: hm	17:26
*** ohnoimdead has joined #openstack		17:26
vidd	kodapa check out my keystone database loader script and fix your endoint templates based on that info https://github.com/vidd/openstack_installer/blob/master/keystone_template.sh	17:27
kodapa	I think I see the error xD	17:28
vidd	koolhead17, how did adding the data go?	17:28
koolhead17	vidd, i have added one with past date and values	17:29
vidd	if you dont know how to add data....open phpmyadmin if you have it	17:29
*** nerens has joined #openstack		17:29
vidd	ok....do you get in ?	17:29
*** pradeep has quit IRC		17:29
koolhead17	vidd, yes there are fields which i populated there in django_sessions	17:30
koolhead17	as u mentioned i provided expiry date of past	17:30
vidd	koolhead17, restart dashboard and see if it will let you in	17:30
*** adjohn has quit IRC		17:30
koolhead17	k	17:30
*** abecc has quit IRC		17:34
kodapa	vidd: okay now user management works	17:35
kodapa	vidd: but still Unable to get usage info: This error may be caused by a misconfigured nova url in keystone's service catalog, or by missing openstackx extensions in nova. See the dashboard README.	17:35
*** llang629 has joined #openstack		17:35
*** abecc has joined #openstack		17:35
*** helfrez has quit IRC		17:36
vidd	is the user you are logged into part of the "Members" group? ["Members" is a specific role expected by horizon]	17:36
*** Razique has quit IRC		17:38
*** juddm has joined #openstack		17:39
*** catintheroof has joined #openstack		17:39
*** javiF has quit IRC		17:39
*** llang629 has left #openstack		17:40
*** dotdevops has joined #openstack		17:40
uvirtbot	New bug: #893692 in devstack "stack.sh fails with ImportError in glance add" [Undecided,New] https://launchpad.net/bugs/893692	17:40
*** dotdevops has quit IRC		17:41
*** acomisario_ has joined #openstack		17:41
*** dotdevops has joined #openstack		17:42
kodapa	vidd: yes	17:43
kodapa	vidd: and admin	17:43
*** CaptTofu has joined #openstack		17:44
kodapa	brb dinner	17:44
vidd	"Members" [with a capital m]	17:44
vidd	"members" != "Members"	17:45
*** juddm has quit IRC		17:45
*** juddm has joined #openstack		17:46
*** dotdevops has joined #openstack		17:48
*** heckj has joined #openstack		17:49
*** nyeates has quit IRC		17:51
koolhead17	vidd, no luck	17:52
koolhead17	:(	17:52
*** TheOsprey has joined #openstack		17:52
koolhead17	yet same thing am not sure if am adding data in correct table	17:52
vidd	do you get a traceback?	17:52
*** dirkx_ has joined #openstack		17:53
koolhead17	testhi2011-11-20 00:00:00	17:53
koolhead17	this is what i added in my django_session table	17:53
*** jedi4ever has joined #openstack		17:54
vidd	koolhead17, that should work	17:54
*** dachary has quit IRC		17:54
koolhead17	nopes notthing just django server gets killed after passing message DEBUG:django_openstack.api:auth_api connection created using url "http://192.168.1.5:5000/v2.0/"	17:54
vidd	pastebin me your local_setting.py	17:56
koolhead17	k	17:56
kodapa	vidd: Yes, Members	17:56
kodapa	vidd: In nova-api.log: No route matched for GET /1/admin/services	17:57
*** jdurgin has joined #openstack		17:57
*** Pr0toc0l has joined #openstack		17:59
vidd	kodapa you made the proper changes to api-paste?	17:59
kodapa	vidd: I'm not sure :P	18:00
koolhead17	vidd, http://paste.ubuntu.com/746170/	18:00
koolhead17	vidd, catch u in sometime.	18:01
* koolhead17 leaves home		18:01
vidd	kodapa how about your nova api-paste.ini?	18:01
*** dolphm has quit IRC		18:01
*** guigui1 has quit IRC		18:02
*** koolhead17 is now known as koolhead17\|away		18:03
*** kaigan_ has quit IRC		18:03
kodapa	vidd: http://pastebin.com/0mUXD0Mh	18:06
vidd	kodapa the paste you sent earlier with your endpoints had keystone admin listening on 5001 not 35357 ... dis you fix this already?	18:08
kodapa	vidd: keystone admin is running on port 35357	18:12
vidd	you updated you endpoint templates?	18:13
kodapa	vidd: yes	18:13
*** nerens has quit IRC		18:13
kodapa	vidd: http://pastebin.com/dPg0c8f6	18:13
*** _rfz has quit IRC		18:13
*** dachary has joined #openstack		18:15
vidd	hrm...idk kodapa	18:16
*** agosse has quit IRC		18:16
kodapa	vidd: the error in nova-api is No route matched for GET /1/extras/usage from	18:16
vidd	the error message suggests that horizon is making the call to keystone, keystone is passing the request to nova, and nova is saying it cant verify authentication to send the requesed info back	18:17
vidd	im sure ther is something simple wrong...but i dunno where to look =\	18:18
*** scottsanchez has quit IRC		18:21
kodapa	vidd: euca-tools isn't working either :(	18:22
kodapa	vidd: Warning: failed to parse error message from AWS: <unknown>:1:0: syntax error	18:22
*** bengrue has joined #openstack		18:22
kodapa	vidd: nova.api [-] 0.5419s 10.10.10.10 POST /services/Cloud/ None:None 400 [Boto/2.0 (linux2)] application/x-www-form-urlencoded text/plain	18:22
*** dpippenger has quit IRC		18:23
*** dotdevops has quit IRC		18:24
kodapa	vidd: :/	18:26
*** nacx has quit IRC		18:26
*** dendrobates is now known as dendro-afk		18:28
*** mcclurmc has quit IRC		18:29
*** Pr0toc0l has quit IRC		18:30
*** mcclurmc has joined #openstack		18:30
uvirtbot	New bug: #893703 in openstack-integration-tests "Add metadata operations test test_images.py in strorm/tests" [Undecided,New] https://launchpad.net/bugs/893703	18:31
*** krow has joined #openstack		18:31
*** darraghb has quit IRC		18:32
*** koolhead17 has joined #openstack		18:33
vidd	kodapa is the user from env \| grep NOVA an Admin user in keystone (with tenant=NULL)	18:33
Kiall	vidd: Looks like the essex dashboard (mostly) works with diablo BTW	18:37
*** bonzay is now known as zz_bonzay		18:38
vidd	Kiall, nice	18:38
Kiall	The only (new) bug I've found so far is on the new instance detail page..	18:38
Kiall	if a server has a volume attached, it croaks.	18:38
vidd	but how often does THAT happen =]	18:39
vidd	hehe	18:39
*** Ryan_Lane has quit IRC		18:39
Kiall	lol, there is noting that important on the page..	18:40
*** mnour has quit IRC		18:40
vidd	any idea how to get the volume manager into the diablo dashboard?	18:40
Kiall	That would be a PITA	18:41
*** reiddraper has joined #openstack		18:41
vidd	so's not being able to add volumes via the GUI =]	18:41
*** nRy has joined #openstack		18:42
*** chomping has quit IRC		18:42
kodapa	vidd: hmm	18:43
kodapa	vidd: it should be	18:43
vidd	kodapa look at my "convert_keystone" script to see how i get euca to work with keystone: https://github.com/vidd/openstack_installer/blob/master/convert_keystone.sh	18:45
kbringard	where are you adding ec2 credentiald to keystone?	18:46
vidd	kbringard, in my user_add_keystone.sh script =]	18:47
kbringard	ahhhh, nice	18:48
koolhead17	kbringard: supp	18:48
kbringard	I have everything setup and working, but I was having trouble getting ec2 creds added to keystone	18:48
kbringard	mostly because I had only spent 30 seconds looking at it ;-)	18:48
koolhead17	vidd: you are here for sometime right	18:48
*** dendro-afk is now known as dendrobates		18:48
* koolhead17 kicks kbringard		18:48
kbringard	hey koolhead17 :-)	18:48
vidd	yeah...probably the next -12 hours =]	18:49
kbringard	I'm becoming more impressed with Crowbar the more I use it	18:49
koolhead17	vidd: awesome.	18:49
vidd	kbringard, are you going to be stealing my script? =]	18:50
kbringard	perhaps… more than likely I'll use it as the basis for a new script to add users straight into keystone, instead of parsing their novarcs	18:51
kodapa	vidd: hmm I'm missing --keystone_ec2_url in /etc/nova/nova.conf	18:51
vidd	[all my scripts are "public-domain....therefore cannot be "stolen"]	18:51
kodapa	vidd: what should it be?	18:51
kbringard	vidd: likewise	18:51
kbringard	at least the ones I put out there… if I'm not allowed to share something for whatever reason I just don't put it out there :-D	18:52
Kiall	vidd: essex dashboard packages will be up @ https://launchpad.net/~managedit/+archive/openstack-testing/ in a bit...	18:52
vidd	kodapa --keystone_ec2_url=http://$keystone_server:5000/v2.0/ec2tokens	18:52
kbringard	vidd: what happens in this case if the tennant is already there?	18:53
kbringard	tenant*	18:53
kbringard	spelling is hard	18:53
vidd	then dont re-add the tenant?	18:53
kbringard	well right, I was just curious if you knew how keystone reacted to trying to add an already existing tenant	18:54
vidd	in my scripts, i build a sys-admin account for keystone	18:54
vidd	kbringard, keystone-manage throws an error and keeps chugging alone with the reset of the script	18:55
kbringard	ah, nice	18:55
*** nerens has joined #openstack		18:55
kbringard	and if I don't want this user to be an admin, I just don't grant them the Admin role, correct?	18:55
kbringard	or KeyStoneServiceAdmin	18:56
uvirtbot	New bug: #893710 in quantum "Importing Quantum Tools library is in conflict with Keystone Tools library" [Undecided,In progress] https://launchpad.net/bugs/893710	18:56
vidd	if you dont give him admin, he cant use euca	18:56
kbringard	orly? interesting	18:56
*** anotherjesse has joined #openstack		18:56
kbringard	so… how do you make someone the equivalent of is_admin = 0?	18:56
vidd	admin=euca/glance [maybe swift?]	18:56
vidd	member = horizon/dashboard	18:57
vidd	keystone-stuff = keystone stuff	18:57
Kiall	vidd: nope! users can use euca2ools with or without the admin role.	18:57
Kiall	My account does not have admin rights, yet I can use them...	18:58
vidd	Kiall, my experience says differently...but then again, i only JUST got all my stuff to work properly =]	18:58
*** lorin1 has joined #openstack		18:58
vidd	Kiall, so you can do euca-describe-[blah] without being in the admin tenant?	18:59
*** Ryan_Lane has joined #openstack		18:59
vidd	or the admin role	18:59
kodapa	damnit	18:59
Kiall	vidd: yup	18:59
*** AlanClark has quit IRC		19:00
vidd	Kiall, then perhaps the messed up keypoint templtes was throwing me off b4 =]	19:00
Kiall	I'd bet it was ;)	19:00
*** dpippenger has joined #openstack		19:00
vidd	kbringard, Kiall trumps me =]	19:00
Kiall	Keystone is really really simple, so long as you give it the right data!	19:00
vidd	keystone is evil....reminds me of one of my ex's	19:01
kbringard	Kiall: yea, I figured, the trick is just figuring out what the right data is ;-)	19:01
Kiall	vidd: once the 2x green cog's on the right change to ticks... those packages are ready '_ https://launchpad.net/~managedit/+archive/openstack-testing	19:01
vidd	do exactly what she says and everything is fine...slip up one tiny thing and your sleeping on the curb!	19:02
Kiall	vidd: you had completely wrong stuff in there ;)	19:02
kodapa	asdf	19:03
vidd	kodapa whats up?	19:04
*** dotdevops has joined #openstack		19:04
vidd	Kiall, did you have a change to field-test my scripts?	19:04
Kiall	Just ordered another 24 GB ram for each of nodes... memoryc.com does great deals 72GB server ram for under €500 :)	19:05
*** rustam has quit IRC		19:06
Kiall	Really hoping it doesnt turn out to be crap memory.. but for that price, whatever.. I'll bite ;)	19:06
vidd	Kiall, when the time comes for migrating windows servers...im going to tell them they have to be re-provisioned....	19:07
Kiall	vidd: havent had a chance yet...	19:07
kbringard	we ordered my compute nodes with 128 to start with	19:07
Kiall	have you tried a linux migration yet?	19:07
vidd	no...im still waiting for them to give me servers to handle it	19:07
kodapa	vidd: shits not working :P	19:08
vidd	im wondering how to do a of=>>network-path	19:08
Kiall	boot from CD, mount NFS or whatever .. easy	19:09
vidd	Kiall, TBH im a bit nervous about migrating these old servers	19:10
vidd	etch and older shiver	19:10
Kiall	just dont get the if=/of= backwards and you cant damage them ;)	19:10
vidd	hehe	19:11
Kiall	BTW - Doing it over the network is probably a bad idea..	19:11
Kiall	Lets say they have 500GB of HD space.. then.. its going to be 500GB network transfer	19:11
vidd	"whoops...THAT one needs to be reprovisioned...its OK it just had the billing database...."	19:11
Kiall	probably faster going to a USB drive, then compressing it with qemu-img, and then pushing it over the network	19:11
vidd	"note to self...need to aquire 2 TB+ usb drives"	19:12
coli	Kiall, it seems that you know a lot about keystone :-) by any chance do you know if this statement about keyston regarding swift is still valid ? "Keystone currently allows any valid token to do anything with any account."	19:13
coli	it's from http://keystone.openstack.org/configuration.html	19:13
jdg	Hey Vidd, getting ready to try out your script	19:13
vidd	jdg good luck...and let me know of anything	19:13
vidd	so much as a typo in an "echo" command =]	19:14
jdg	vidd: I'll keep you posted, actually I don't think I need to modify anything in noav-settings after giving it my static IP.	19:14
vidd	jdg, my scripts build that file for ya...and all the other data files	19:15
Kiall	coli: i dont use swift, but there is a ticket filed to have that either removed or explained...	19:15
Kiall	might be more detail in that	19:16
Kiall	it was filed by dolphm if that helps finding it ;)	19:16
coli	kiall: so what are you using as storage for glance ? (if not swift)	19:16
koolhead17	Kiall: hello there :)	19:16
Kiall	coli: glance can just store images straight to disk.. swift is completely optional	19:17
vidd	Kiall, the reason i asked about of=>>network-path is for local testing =]	19:18
coli	kiall: I'm doing this like that right now, however I was thinking that the bigger and more knowledgable people do it differently ;-)	19:18
Kiall	ah .. yea.. save yourself some time and install a test box with like a 5GB root partition ;)	19:18
Kiall	and dont forget to switchout the standard kernels for the virtual equivalents BTW	19:19
Kiall	coli: im sure many of them do, but the glance file store works fine for my use case	19:19
*** joesavak has joined #openstack		19:21
sloop	does anyone use openstack in a useful, production environment?	19:21
Kiall	sloop: nope, nobody ;)	19:22
koolhead17	lol	19:22
Kiall	(I'm kidding BTW)	19:23
sloop	figured :)	19:23
sloop	it seems like the cycle is: 1) read great press about openstack 2) try to get it working 3) come on irc 4) try some more 5) give up	19:23
*** dendrobates is now known as dendro-afk		19:24
kbringard	sloop: I don't know who can or can't talk about what, but I can tell you there are people who are using it in a useful, production environment	19:24
Kiall	sloop: lol .. install ubuntu 11.04 .. clone this repo http://github.com/managedit/openstack-setup .. edit settings file.. type "./all-in-one.sh" .. done	19:25
Kiall	11.10*	19:25
sloop	lol ok sorry i'm just being cynical	19:25
*** JesperA has joined #openstack		19:28
*** anotherjesse has quit IRC		19:28
kbringard	hehe, it's cool, I didn't mean to dis, was just saying, I know there are people who are using it	19:28
*** clauden_ has joined #openstack		19:29
kbringard	I think a lot of what happens is, the people who are allowed to talk about what they've implemented are still in the discovery/proof of concept phase	19:29
*** jsavak has joined #openstack		19:29
kbringard	once they get past that phase, their employer locks down what they're allowed to discuss about what they're implementing and why	19:30
WormMan	and the rest of us just don't have time to talk any more :)	19:30
kbringard	at least, that's my theory :shrug:	19:30
kbringard	WormMan: lol, yes, plus once you're on the hook to deliver a prod environment you don't have time to chat any more	19:30
koolhead17	kbringard: +1 :P	19:31
* vidd is hoping to get to the "dont have time to talk" phase =]		19:32
*** imsplitbit has quit IRC		19:32
* koolhead17 kicks vidd		19:33
koolhead17	:D	19:33
* vidd canes koolhead17		19:33
*** joesavak has quit IRC		19:33
koolhead17	vidd: that would be scary :P	19:33
WormMan	I'm just trying to see how to manage my guest clock	19:33
*** pweiss has joined #openstack		19:33
WormMan	I really don't want to run ntp	19:33
WormMan	d	19:34
*** dirkx_ has quit IRC		19:35
vidd	im so looking forward to not having to spen 3 hours on the phone with a customer because others cant program a simple DSL modem =]	19:35
Kiall	gotta love nova's fondness of the dd command when you delete stuff -_-	19:35
*** clauden_ has quit IRC		19:38
*** sandywalsh has quit IRC		19:41
*** dendro-afk is now known as dendrobates		19:42
*** sandywalsh has joined #openstack		19:42
*** jdg has quit IRC		19:43
*** clauden_ has joined #openstack		19:45
koolhead17	vidd: does keystone has tag as well on github?	19:46
vidd	?	19:46
koolhead17	vidd: i meant tag for diablo for keystone	19:47
*** clauden_ has quit IRC		19:47
vidd	i woul imagine	19:47
*** clauden has joined #openstack		19:47
vidd	i dont use git...i use Kiall 's repos	19:47
Kiall	koolhead17: if you are getting the code for git, you probably dont want the tag anyway. the stable/diablo branches are .. well .. the stable version of diablo	19:48
*** redconnection has quit IRC		19:48
koolhead17	Kiall: thanks. :)	19:48
*** dolphm has joined #openstack		19:49
koolhead17	Kiall: i just want to get used to this github thing, once am there and done will use your PPA :D	19:49
vidd	koolhead17, why would you WANT to use the git's?	19:52
vidd	take it drom me...its like trying to use a crowbar to open a winebottle	19:53
*** MarkAtwood has quit IRC		19:53
*** redconnection has joined #openstack		19:54
vidd	[or a spoon to back-the Grand Canyon]	19:54
vidd	back-fill	19:54
*** hingo has joined #openstack		19:55
*** sandywalsh has quit IRC		19:55
Kiall	yea, end users of openstack really aren't meant to be using the git repos etc.. The git repos are really for developers and packagers..	19:55
*** hggdh has quit IRC		19:56
kodapa	vidd: I'm getting this in keystone log in verbose mode: http://pastebin.com/enLxKMP0	19:57
kodapa	vidd: that aint right?	19:57
kodapa	WHERE credentials.type = ? AND credentials."key" = ?	19:57
kodapa	nvm	19:57
Kiall	kodapa: its a prepared statement, they will get filled in..	19:57
kodapa	Kiall: Yeah	19:58
kodapa	I'm a little bit tired after 55+ hours trying to get openstack up :P	19:58
kodapa	55+ working hours	19:58
kodapa	stupid shit	19:58
kodapa	giving up soon	19:59
vidd	kodapa what os are you using?	19:59
kodapa	vidd: ubuntu 11.10	19:59
vidd	kodapa make it easier on yourself...use either Kiall 's or my scripts =]	19:59
*** jmckenty has joined #openstack		19:59
kodapa	vidd: It's not a single server setup	19:59
Kiall	doesnt matter ;)	20:00
*** swill has quit IRC		20:00
kodapa	I had everything running yesterday	20:00
kodapa	But then a nova-compute update from apt repos broke everything	20:00
vidd	total setup from starting clean install to launching first instance with my script < 3 hours (while making adjustments to botched scripts)	20:01
kodapa	They removed some stuff so my api-paste broke	20:01
Kiall	vidd: lol? really?	20:01
kodapa	vidd: point is, I have deadline tomorrow	20:01
Kiall	I've got it down to under 30 minutes.. including installing the server ;)	20:01
kodapa	I'm fucked :P	20:01
vidd	kodapa no...use our scripts	20:02
vidd	Kiall, my time included formating the hard drives and my connection speed socks	20:02
vidd	Kiall, remember...i only have 2 gb of ram here =]	20:03
*** swill has joined #openstack		20:03
kodapa	vidd: no time reinstalling now	20:04
Kiall	lol, I have more than that in my desktop ;)	20:04
kodapa	vidd: i still had everything running yesterday	20:04
kodapa	until an apt-get upgrade	20:04
vidd	kodapa if you start fresh, we can get you at the bar in time for happy-hour =]	20:04
Kiall	Lol .. You can.. I'm out in a few ;)	20:04
koolhead17	vidd: :P	20:05
*** p0 has joined #openstack		20:05
kodapa	vidd: no	20:05
kodapa	it's time to prepare servers for move to the DC	20:05
kodapa	That's how we work, no time to finish things	20:06
coli	aall, what do you think about rackspaces refernce architecture for openstack ? http://www.referencearchitecture.org/	20:06
*** cereal_bars has joined #openstack		20:07
*** po has quit IRC		20:08
*** johnpur has joined #openstack		20:08
*** ChanServ sets mode: +v johnpur		20:08
Kiall	coli: honestly haven't read it..	20:09
*** deshantm_laptop has quit IRC		20:09
*** hggdh has joined #openstack		20:09
*** praefect has joined #openstack		20:11
*** anotherjesse has joined #openstack		20:12
coli	Kiall: just reading your scripts, and in all-in-one.sh there is a message "echo "\n\nAllow root remote access to SSH! Do this in another window!"" then SQL statment granting rights to mysql, shouldn't the statment be "access to MySQL" ?	20:12
coli	Kiall: or somehow later you set nss and pam to use mysql ?	20:13
Kiall	uhh	20:13
Kiall	yea	20:13
Kiall	it should say MySQL ;')	20:13
*** swill has quit IRC		20:13
coli	kiall: now... how should I trust the rest ? ;-)	20:13
*** anotherjesse has quit IRC		20:13
Kiall	all-in-one.sh is really a bit of a hack/experiment.. as the commit message says!	20:14
Kiall	https://github.com/managedit/openstack-setup/commit/a8fad5191d33e81f2cb517a4e4e76a35ac71b21c	20:14
vidd	coli, maybe you might want to look over mine =]	20:14
Ryan_Lane	I'm following this upgrade guide: http://docs.openstack.org/diablo/openstack-compute/admin/content/migrating-from-cactus-to-diablo.html	20:14
Ryan_Lane	and things aren't exactly working smoothly	20:14
Ryan_Lane	even at the first step	20:14
Ryan_Lane	the glance package errored out because it tried to update the database	20:15
Ryan_Lane	also, glance is installed on a node with other openstack packages, so apt-get upgrade is a really, really poor choice of commands to put into the documentation	20:16
coli	kiall: it was just a joke ;-) my sens of humor sometimes is bit twisted ;-)	20:16
*** imsplitbit has joined #openstack		20:16
coli	vidd: don't worry I will get there ;-)	20:16
Kiall	coli: no worries ;)	20:16
Ryan_Lane	I'm assuming it has an error because I used apt-get install glance python-glance?	20:16
kodapa	APUI)HFFPUHI)g	20:17
kodapa	fuck	20:17
DW-10297	coli: I don't think you can really take a cloud seriously if it says: SAN as Storage Option	20:17
DW-10297	Not available at this time.	20:17
Kiall	kodapa: password? lol	20:17
vidd	coli, my scripts do a bit more...like set each app with its own database usre and secure password	20:17
kodapa	Kiall: no, just rage	20:17
*** webx has joined #openstack		20:17
coli	I'm after my two first openstack installs from clean (just nova + glance), now getting ideas how to do it properly with keystone and dashboard	20:17
Ryan_Lane	anyone here have any idea about upgrading from cactus to diablo?	20:17
vidd	and changes rabbit user and pass to "not the default"	20:17
*** anotherjesse has joined #openstack		20:18
*** mgius has joined #openstack		20:19
koolhead17	bloody dash is like a gf with mood swing everyday.........	20:19
*** dgags has joined #openstack		20:19
kerouac	koolhead17: ok... so i don't install it then?	20:19
coli	vidd: that very wise from the security pov and says a lot about the author...	20:19
vidd	hehe koolhead17 its keystone that has the attitude =]	20:19
kerouac	i haven't installed a dashboard yet	20:19
*** tylesmit has quit IRC		20:20
koolhead17	kerouac: don`t worry your not alone :P	20:20
coli	DW-10297: like it or not they are making big money on cloud. marketing can do wonders to technology :-)	20:20
kerouac	:)	20:20
vidd	coli, i had the ocupation once of being security enforcment manager =]	20:20
koolhead17	vidd: haha. i was more concerned about the mood-swing part :P	20:20
vidd	login security	20:20
koolhead17	attitude can b handled	20:20
coli	vidd: you mean a bouncer ?	20:20
kerouac	can i use a different scheduler with nova?	20:20
vidd	no datacenter that processed online orders	20:21
Kiall	coli / vidd: yea.. see I went for as simple as possible.. Just get shit working and them let the sysadmin, ya know, do their job!	20:21
*** tylesmit has joined #openstack		20:21
kerouac	like, PBS?	20:21
*** anotherjesse has quit IRC		20:21
kodapa	vidd: wtf, now I'm getting CRITICAL nova [-] No module named ec2_token	20:21
kodapa	:S	20:21
DW-10297	coli: Sure they can because they're a managed service your average hosting customer isn't going to know that their data isn't replicated	20:21
coli	kiall: it's good as well from the proof-of-concept pov,everybody has differnt way to approach these projects	20:21
vidd	koolhead17, you obviously never dated the women I dated =]	20:21
koolhead17	vidd: i would agree on that. :P	20:22
vidd	kodapa you must have the broken keystone from apt-get	20:22
*** paltman_ has quit IRC		20:22
koolhead17	kodapa your almost there dude :)	20:22
kodapa	vidd: Yeah I'm trying everything now	20:23
koolhead17	:P	20:23
vidd	kodapa get Kiall 's ppa	20:23
Kiall	kodapa: yea the ubuntu packages are broken..	20:23
*** cburgess has quit IRC		20:23
*** cloudfly has quit IRC		20:23
vidd	im telling you...that and 15 minutes till beer-thirty	20:23
*** agy has quit IRC		20:23
*** mu574n9 has quit IRC		20:23
Kiall	(and missing piles and piles of bugfixes that have been released sinec)	20:24
vidd	apt no more "apt-get broke my stuff"	20:24
coli	DW-10297: they probably use just raid-10 local storage and iSCSI when need to move the compute node... whatever they are doing I would love to know how, as they are making money :-)	20:24
Kiall	diablo was rushed out the door just in time for oneiric, neither ended up having enough time..	20:24
DW-10297	coli: the data for the VMs is just stored on the individual nodes, if the node your application is hosted on explodes, the data is gone	20:25
kerouac	i haven't had opportunity for openstack to screw up on me	20:25
*** mu574n9 has joined #openstack		20:25
kerouac	so far it's been nice	20:25
*** agy has joined #openstack		20:25
kerouac	i'm using the more mature components, tho	20:25
Ryan_Lane	wait, is the ppa really broken?	20:25
kerouac	maybe that's why	20:25
vidd	kerouac, i was about to ask how long you used it...15 seconds =]	20:25
*** mu574n9 is now known as Guest73472		20:25
kerouac	vidd: i'm still a n00b	20:25
coli	DW-10297: the riskt for it expldoing is low, the sla guarantees just single mrc if things go bad.	20:26
*** hggdh has quit IRC		20:26
DW-10297	coli: it's basically the same as traditional VPS service	20:26
kerouac	and the demands/expectations for what i need from it are low at this time	20:26
coli	DW-10297: if the host breaks then disks usualy are fine, and you can move them to new machine	20:26
DW-10297	which people have been doing for like a decade	20:26
vidd	Ryan_Lane, if you are using straight-up *buntu, yes	20:26
Ryan_Lane	what about this one: https://launchpad.net/~openstack-release/+archive/2011.3	20:26
vidd	uhhh...dunno	20:26
Ryan_Lane	not that the upgrade instructions are actually working for me	20:26
coli	DW-10297: if just one disk fails then you can replace them quickly (had seen a supermarket troleys in leasweb full of disks for changing)	20:26
*** cburgess has joined #openstack		20:26
*** agy has quit IRC		20:27
coli	DW-10297: except for automation, how else does cloud really differ from vps ?	20:27
vidd	Ryan_Lane, try https://launchpad.net/~managedit/+archive/openstack/	20:27
WormMan	sigh, I'm gonna have to run ntpd in my guests aren't I	20:27
WormMan	sigh	20:27
*** agy has joined #openstack		20:27
Ryan_Lane	official docs say: https://launchpad.net/~openstack-release/+archive/2011.3	20:27
vidd	and how are they working out for you =]	20:28
Ryan_Lane	i'm not using some random ppa	20:28
coli	DW-10297: in my opinnion clould is just a new marketing mumbo jumbo, as the technology behind is as old as you saying just made more automated	20:28
Ryan_Lane	with typos in the docs	20:28
Ryan_Lane	that are for oneric	20:28
*** paltman has joined #openstack		20:28
DW-10297	coli: it's supposed to be highly available, so if one computing node fails the VMs running on that node start up on another node automatically, as far as I know Openstack is the only system that doesn't support shared storage	20:28
Ryan_Lane	I'm using lucid	20:28
coli	DW-10297: however as long as it's going to make me money I cannot compalin :-)	20:28
*** woleium has joined #openstack		20:28
vidd	Kiall, have you tested your stuff for natty?	20:28
Kiall	vidd: nope	20:28
Kiall	hence why the PPA only has oneiric packages	20:28
vidd	Ryan_Lane, are you intending on adding keystone at this time?	20:29
Ryan_Lane	nope	20:29
vidd	then that ppa should be fine	20:29
Kiall	I'm pretty sure a pile of python packages need backporting for diablo on natty.. hence I havent even tried	20:29
Ryan_Lane	ok	20:29
coli	DW-10297: it seems to be just a matter of time.	20:29
vidd	keystone/dashboard are what's borked 6 ways to next tuesday	20:30
coli	DW-10297: I'm just wondering doesn;t really support even iSCSI ?	20:30
DW-10297	coli: No, it's built in a way that assumes that your applications can be spread out among multiple hw nodes and it's intended that you will then pay for load balancing	20:30
*** hggdh has joined #openstack		20:30
vidd	Ryan_Lane, as far as typos in the documentation, it was written by razique...hes french =]	20:31
Ryan_Lane	heh	20:31
* Ryan_Lane dislikes ppas		20:31
coli	DW-10297: can you recommend other system which is adaptable, "sort of" compatible API with EC2 ?	20:31
* vidd hates ppa's as well		20:31
Kiall	DW-10297: openstack supports shared storage...	20:31
Ryan_Lane	you never know if someone is sticking nasty crap into them	20:31
kodapa	trying the ppa now	20:31
Kiall	both for nova-voulme and instance live migration	20:31
vidd	took a month before resigning to using Kiall 's ppa =]	20:31
Kiall	vidd: lol ;)	20:31
WormMan	I'm of the opinion that people should just learn to write software for the cloud, instead of trying to make the cloud into vmware :)	20:32
DW-10297	Kiall: really it's made to work with volumes hosted on ISCSI?	20:32
kerouac	what's ppa?	20:32
Kiall	woleium: agreed	20:32
*** jedi4ever has quit IRC		20:32
vidd	i have the holes in the wall to prove i tried otherwise =]	20:32
kerouac	link?	20:32
DW-10297	WormMan: the point is if you're asking someone to pay you to host it for them it's not really your place to say	20:32
WormMan	(yes, I admit, things like databases will still need shared/persistent storage until all the magical cloud dbs work right)	20:32
vidd	ppa = "personal Package Archive"	20:32
Kiall	DW-10297: eg https://github.com/openstack/nova/blob/svtable/diablo/nova/volume/san.py#L53	20:33
kerouac	oh	20:33
DW-10297	that's a 404	20:33
vidd	kerouac, https://launchpad.net/~managedit/+archive/openstack/	20:33
WormMan	if you want vmware live migration and HA, you're gonna pay for that, if you want cheap hosting and can write your app to be resilient, then the cloud it is	20:33
Kiall	DW-10297: uhh.. not its not?	20:33
kerouac	it's a good link	20:33
Kiall	DW-10297: weird	20:34
kerouac	reading..	20:34
Kiall	i just copied that from my browser -_-	20:34
Kiall	DW-10297: https://github.com/openstack/nova/blob/stable/diablo/nova/volume/san.py#L53	20:34
Kiall	no idea how i messed the link up -_-	20:34
WormMan	(for our couple db instances we're using NFS mounted to the VM)	20:34
DW-10297	The reference architecure published by rackspace even says: SAN as Storage Option Not available at this time.	20:35
kodapa	OMFG IT KINDA WORKS	20:35
kodapa	almost	20:35
kodapa	images broken	20:35
Kiall	DW-10297: the "reference architecure" is their template doc they send to cloudbuilders clients..	20:35
vidd	kodapa told ya... now for the "15 minutes" part =]	20:35
kodapa	:D	20:36
Kiall	Since they use all DELL HW, and and there is no Dell ISCSI code in nova, its not available via them	20:36
vidd	fix your images and you should be golden	20:36
*** exprexxo has joined #openstack		20:36
coli	DW-10297: in my opinnion cloud is supposed to be used for horizontaly scalling apps, otherwise it's a grid app	20:36
DW-10297	iscsi is an open protocol why does it need specific dell ISCSI code?	20:36
DW-10297	or hp/lefthand, etc	20:37
Kiall	DW-10297: because the iscsi protocol does not provide for provisioning.	20:37
*** sandywalsh has joined #openstack		20:37
*** sandywalsh_ has joined #openstack		20:37
Kiall	Hence why there is a HP/Lefthand driver in nova...	20:37
*** deshantm_laptop has joined #openstack		20:37
DW-10297	Sorry if I'm asking too many questions but why does it need to be provisioned, if you just have a large chunk of storage available via ISCSI can't nova simply manipulate the image files directly?	20:38
Kiall	DW-10297: Anyway - The point is, you are confusing "stuff rackspace sell's and support's" vs openstack	20:38
coli	wormMan: then what a cloud is ? is a grid or is it a automated ha version of vps ?	20:38
Kiall	neither	20:39
WormMan	I consider a cloud to be a an API to launch and terminate instances, what you do with it is up to you :)	20:39
Kiall	WormMan: exactly ;)	20:39
DW-10297	If I take a stock linux box and use an iscsi initiator to connect to an iscsi target and then create a fs/write files to /dev/sdxxxx there is no provisioning involved there.	20:39
Kiall	DW-10297: except thats not what nova wants..	20:40
DW-10297	That sounds like a nova problem	20:40
* Ryan_Lane groans		20:40
Ryan_Lane	glance upgrade failed	20:40
Ryan_Lane	glance-manage db_sync failed with this: (1050, "Table 'images' already exists")	20:41
Kiall	DW-10297: Maybe, but I reckon you don't understand the architecture and are jumping to conclusions over how you would do it...	20:41
*** MarkAtwood has joined #openstack		20:41
coli	wormman: os it's a grid :-) I didn't know then that I was using cloud some 20yrs back :-)	20:42
Kiall	Just think about having thousands of volumes - accessible from thousands of instances - spread over hundreds or more servers.. then let me know how 1 iscsi export is gonna do the trick...	20:42
coli	Kiall: thanks for pointing out the iScsi support, I was sure that I have seen it	20:43
koolhead17	Ryan_Lane: :)	20:44
*** nyeates has joined #openstack		20:44
DW-10297	So what happens when a user has equallogic, or any SAN that isn't HP or Solaris?	20:44
Ryan_Lane	glance-manage db_version -> 0	20:44
Ryan_Lane	why is it trying to create the images table?	20:45
Ryan_Lane	instead of trying to update it?	20:45
coli	DW-10297: user can write his own drivers ? ;-)	20:45
vidd	Ryan_Lane, sorry...dunno =\	20:46
*** Ryan_Lane is now known as Ryan_Lane\|away		20:46
Kiall	DW-10297: they need to either write some code, or ask their SAN vendor to write some code	20:46
Kiall	openstack can't and should not support every single vendor's hardware that has even been in existence.	20:47
Kiall	Instead, they support a small number of reference implementations.	20:47
WormMan	provide an API!	20:47
WormMan	:)(	20:47
* WormMan grumbles and goes back to figure out why his previously working dnsmasq overrides don't seem to be working any more		20:48
Kiall	WormMan: they do ;) Its just a python rather than web service API ;)	20:48
*** dprince has quit IRC		20:49
coli	wormman: tcpdump is your friend :-)	20:49
*** PotHix has quit IRC		20:49
WormMan	coli: luckily, it's obvious, the working vlan had dnsmasq restarted, the non-working one didn't	20:49
coli	wormman: do you use nova-network on each nova-compute node ? or a single nova-compute as gateway or maybe a hardware gateway ? I tend to go towards nova-compute+nova-network on each compute node (like in rackspace ref.arch.)	20:51
*** MarkAtwood has quit IRC		20:51
WormMan	coli: each nova-compute node	20:51
Kiall	same here.. why add another bottleneck?	20:52
coli	wormman: amny nodes ? are you in production or still in proof-of-concept stage ?	20:52
WormMan	112 nodes, we're 'production' in the sense that we have customers on it, but their prod code won't be running for a few months	20:52
coli	kiall: just asking, been playing with openstack just for few days, have only two clean installs of nova+glance behind me just thinking about a new ideas for new install	20:53
WormMan	also had to run nova-api on compute as large launches caused nova-api to fall over when they went to grab their ec2 metadata	20:53
*** MarkAtwood has joined #openstack		20:54
*** swill has joined #openstack		20:54
coli	wormman: do you use dashboard or in-house management app ?	20:55
mdomsch	each storage vendor has their own APIs to cause LUNs to be created, destroyed, snapped, replicated, etc.	20:55
uvirtbot	New bug: #893757 in nova "xml.etree.ElementTree.ParseError not supported in Python 2.6" [Undecided,New] https://launchpad.net/bugs/893757	20:55
Kiall	mdomsch: exactly..	20:55
WormMan	coli: we have dashboard, but our client uses their own custom app to manage their environment	20:56
WormMan	(it launches instances, deploys code, etc)	20:56
mdomsch	I did a PoC a few years ago, plumbing the EqualLogic CLI into libvirt via ssh. Ugly as sin, but it worked.	20:56
*** JesperA has quit IRC		20:56
*** nerdstein has left #openstack		20:56
koolhead17	jsavak: hey there	20:57
*** jedi4ever has joined #openstack		20:57
jsavak	koolhead: hi!	20:57
coli	wormman: it's a big advantage of openstack being compatible with ec2 and s3	20:58
WormMan	coli: yea, their app is presently mostly using ec2, but they're working on it(and fog, the ruby cloud bindings) to use some of the Openstack specific features	20:58
coli	customers can swiftly move from amazon to new platform	20:58
coli	I'm counting on that to move customers from aws to local platform ;-) i hope it works out.	20:59
*** johnpur has quit IRC		21:03
*** MarkAt2od has joined #openstack		21:04
*** Ryan_Lane\|away is now known as Ryan_Lane		21:05
*** MarkAtwood has quit IRC		21:07
coli	Kiall: out of curiosity why are you using in your scripts private ip ranges for floating and fixed ips ?	21:07
coli	in mose cases floating ip would be from a public range	21:08
*** redconnection has quit IRC		21:08
*** primeministerp has joined #openstack		21:08
vidd	coli, its a "adjust to suit" thing =]	21:09
vidd	my script asks you for those ranges =]	21:09
vidd	but i have yet to set up vlan	21:09
vidd	so flatdhcp is oly used [currently]	21:10
vidd	i dont want to break stuff just yet =]	21:10
coli	I'm asking thse questions 'cause I'm so new to openstack that I'm all the time usure if I'm making the right assumptions, and worried that I will assume some things which are totaly wrong.	21:11
vidd	he uses the private ips because its a "quick and dirty" install	21:11
*** MarkAtwood has joined #openstack		21:11
*** primeministerp has quit IRC		21:12
coli	I started with flatdhcp for my first install, then became more adventurous on my second ;-)	21:12
vidd	once you are familiar with what its doing, and your ready for a proper production install, you will want to use "live" data =]	21:12
vidd	coli, i spent 3 weeks getting my scripts to work properly and work all the bugs out =]	21:13
*** mattray has quit IRC		21:13
vidd	i need a break before i start introducing more stuff and breaking working stuff =]	21:13
*** MarkAt2od has quit IRC		21:13
*** primeministerp has joined #openstack		21:13
coli	i'm just playing with it in order to have an idea how all the standard gnu tools interact together to form a magic cloud called openstack ;-)	21:13
*** jmckenty has quit IRC		21:14
vidd	its more like an evil witch than a magic cloud =]	21:14
coli	sometimes I'm wondering "what were they smoking" ;-)	21:15
coli	whatever it was, it had to be good	21:15
vidd	Kiall talks about how easy keystone is to set up...he forgets to mention the pain it is to find out what small typo causes massive breakage in it =]	21:15
Ryan_Lane	-_-	21:15
koolhead17	;-)	21:16
Ryan_Lane	I had to manually update the stupid version until glance-manage db_sync worked	21:16
coli	it's like sql then ;-)	21:16
Ryan_Lane	that's just rediculous	21:16
vidd	no....nothing so simple coli	21:16
*** jmckenty has joined #openstack		21:16
coli	vidd: let me find out then, I will let you know tomorrow how it went ;-)	21:17
*** MarkAtwood has quit IRC		21:17
coli	vidd: did I read correctly (some hours ago on this channel) that you cannot have tenant and user (under different tenant) with same "name" as it causes trouble ?	21:18
*** Pr0toc0l has joined #openstack		21:18
dolphm	vidd: something i need to fix? lol	21:19
*** jmckenty has quit IRC		21:19
Pr0toc0l	hello all...quick question on a compute node....can someone tell me what the nova.conf flag is for having the vm's use the compute node's public facing network interface as it's nat versus the cloud controller's?	21:19
vidd	you can have user "joe" under tenant "smith" then add user "joe" to tenat "McFly"	21:19
vidd	its the same "joe"	21:19
vidd	dolphm, i dont much like the many-to-many relationships	21:20
dolphm	vidd: one user belonging to many tenants?	21:21
vidd	i want user "joe" in the tenant "smith" to be a different entity then user "joe" in tenant "McFly"	21:21
coli	dolphm: just a matter of a comment in keyston documentation regarding "Keystone currently allows any valid token to do anything with any account." for swift. is it still valid ?	21:22
*** sdake has quit IRC		21:22
dolphm	vidd: ah, that's where id's & names come in... we're just around the corner from supporting that use case	21:23
coli	vidd: I was thining about the situation where: user "joe" is under tenant "smith" then you have another tenatn called "joe" with some other users.	21:23
WormMan	and this is why I cheated :)	21:23
WormMan	(username=tenant_username)	21:23
dolphm	coli: that should be supported soon as well	21:23
dolphm	vidd: we're going to start issuing uuid's as ID's, and i'd like to drop the requirement that names be unique -- this would apply to users, tenants and roles at first	21:24
vidd	WormMan, i shall use that "cheat" as well	21:24
*** jmckenty has joined #openstack		21:24
vidd	dolphm, can you possible force-feed required-by-apps roles	21:24
vidd	for example, "Members" is a required role to access dashboard	21:25
coli	dolphm: is the comment "Keystone currently allows any valid token to do anything with any account." in the keystone documentation for swift still valid or is already fixed ?	21:25
vidd	when keystone builds its database, this role should auto-populate	21:25
vidd	same with the "in order to modify keystone" roles	21:26
*** MarkAtwood has joined #openstack		21:26
*** jdg has joined #openstack		21:26
jsavak	vidd: I'm a bit agianst that because not all openstack implementations would have dashboard. Instead, the service should register the roles is needs within keystone.	21:26
coli	vidd: in other words you would assume that all users should be part of "Members" by default ?	21:26
dolphm	coli: we have an open bug for that comment	21:27
*** peteroplus has joined #openstack		21:27
peteroplus	hi all someone with experience integrating swift with keystone ?	21:27
coli	dolphm: I know, as I have seen you comments there I just though that maybe you have some more info ;-)	21:27
vidd	no...all users should NOT have "Members" as default	21:27
dolphm	jsavak: but keystone should create it's own roles - Admin and ServiceAdmin -- which we can do in essex w/ migrations	21:27
*** kbringard has quit IRC		21:27
peteroplus	im getting the "object has no attribute find"	21:27
dolphm	coli: i think yogi is researching that one	21:27
jsavak	dolphm: those roles are more associated with keystone functions rather than service functions	21:28
vidd	but "Members" should be a role keystone reserves and auto-implements	21:28
dolphm	vidd: there's a migration in review to do exactly that -- but not for Admins	21:28
vidd	you guys rock =]	21:28
dolphm	QUICK! ^^ SOMEONE TAKE A SCREENSHOT! ^^	21:29
*** vladimir3p has joined #openstack		21:29
vidd	it was a typo?	21:29
dolphm	lol	21:29
vidd	=]	21:29
jsavak	lol	21:29
peteroplus	anyone :( ?	21:29
dolphm	peteroplus: ask your question, several of the guys here can probably help out	21:30
vidd	dolphm, he is getting"object has no attribute find" with keystone/swift integration	21:31
peteroplus	ok, when i finish setting up all my keystone and switf environment , and i try to test it with the swift tool i get : AttributeError: 'NoneType' object has no attribute 'find'	21:31
* Ryan_Lane sure hopes nova upgrades easier than glance		21:31
peteroplus	on my keystone table my user is relationed with my tenant	21:31
jsavak	peter: any trace in the logs?	21:31
dolphm	vidd: peteroplus: do you know if that's coming from swift or keystone?	21:31
peteroplus	and the service for swift asosciated with the tenan too so the endpoint template	21:31
vidd	peteroplus, paste the endpoint template for your swift in keystone	21:32
peteroplus	dolphm comes from the swift tool execution	21:32
peteroplus	vidd	21:32
peteroplus	ok	21:32
vidd	the template...not the endpoint	21:33
*** krow has quit IRC		21:33
*** jmckenty has quit IRC		21:33
peteroplus	keystone-manage endpointTemplates add RegionOne swift http://172.16.0.88:8080/v1/AUTH_%tenant_id% http://172.16.0.88:8080/ http://172.16.0.88:8080/v1/AUTH_%tenant_id% 1 1	21:33
dolphm	peteroplus: i don't see anywhere in keystone (or middleware) where we access an attribute called 'find'	21:34
dolphm	i'll poke at swift too though	21:34
vidd	peteroplus, your middle endpoint template is malformed....	21:34
peteroplus	thats from the documentation vidd	21:35
peteroplus	how should i write it ?	21:35
vidd	at the least it should have the v1/AUTH_%tenant_id%	21:36
vidd	and it should be using whatever port uses for admin stuff	21:36
* Ryan_Lane sighs		21:36
peteroplus	ok, but the ip should point to the swift proxys	21:36
vidd	right	21:37
Ryan_Lane	oh. right. nova-manage db sync failed too	21:37
dolphm	jsavak: isn't keystone-manage awesome? ^^ ;)	21:37
Ryan_Lane	unknown encoding: binary <- anyone ever seen this?	21:37
koolhead17	vidd: i am still stuck at same satage	21:37
jsavak	dolphm: it'll get there	21:37
peteroplus	or to keystone at port 35375 vidd ?	21:37
koolhead17	dashboard dies	21:37
koolhead17	once i submit the details	21:37
vidd	koolhead17, i was stuck too...then i used ppa's and got unstuck	21:37
dolphm	peteroplus: probably not keystone (35357)	21:37
peteroplus	ok so the 8080 proxy ports from swift	21:38
koolhead17	vidd: :P	21:38
peteroplus	ill try changing the middleware url	21:38
vidd	peteroplus, you want swifts admin port#	21:38
peteroplus	ok let me check that vidd	21:39
koolhead17	vidd: no option of getting it working without PPA :D	21:39
*** lorin1 has quit IRC		21:39
*** dgags has quit IRC		21:40
vidd	koolhead17, im sure there is...but i dont know what it is...you insist on using venv whereas i refuse to protect something with god rights from security updates	21:40
dpippenger	in the nova networking db table, what is the difference between the "bridge" field and "bridge_interface" field?	21:41
koolhead17	vidd: calm down. :)	21:41
vidd	this IS me being calm =]	21:41
* koolhead17 is scared of vidd		21:42
vidd	as you should be =]	21:42
peteroplus	vidd, changed the middle url , still failing with the same error	21:42
vidd	little kids dress up as me for halloween	21:42
koolhead17	vidd: haha	21:42
Ryan_Lane	anyone know why my nova db sync might fail due to an improper character set?	21:42
*** miclorb_ has joined #openstack		21:43
Ryan_Lane	did cactus not set the default, and therefore my database tables now have the wrong character set?	21:43
peteroplus	vidd seems like a url parsing error , we re debugging the parsing	21:43
vidd	Ryan_Lane, dunno...i never used cactus =\	21:43
Ryan_Lane	this really is a terrible, terrible upgrade	21:44
Ryan_Lane	:(	21:44
*** krow has joined #openstack		21:44
*** magg has joined #openstack		21:44
magg	hello	21:44
*** jseutter has joined #openstack		21:44
magg	im using kiall packages but im getting this error on the compute node	21:44
magg	http://pastebin.com/Pb0GESQS	21:44
magg	plz help	21:44
Kiall	magg: it looks like your half using my packages...	21:45
*** FallenPegasus has joined #openstack		21:45
Kiall	dpkg -l \| grep -E "(openstack\|nova\|glance\|keystone)"	21:45
vidd	Kiall, dollars to donutes he dont have your PIN	21:45
vidd	or euros to eclairs if you prefer =]	21:46
magg	http://pastebin.com/5HhMKB62	21:47
Kiall	vidd: how many eclairs?	21:47
vidd	magg, did you apt-get install managedit-openstack-pin?	21:47
Kiall	brb - making room in the fridge...	21:47
Kiall	vidd: #1 on his list	21:47
vidd	one eclair per euro	21:48
Kiall	brb..	21:48
*** MarkAtwood has quit IRC		21:48
magg	yeah	21:48
*** juddm has quit IRC		21:48
jdg	vidd: Pretty impressive!!	21:49
jdg	Script seemed to run without a hitch	21:49
magg	its says on the pastebin i got it, right	21:50
swill	chmouel: (just getting back to this) i have successfully written read and write acl strings to a container, but i am still having issues. is there a reference somewhere that defines the format of the acl string that needs to be passed. is it '<tenant>:<username>' or must '<username>'.	21:50
jdg	Although I don't seem to know what "user Name/Password" the dashboard is looking for.	21:50
*** dirkx_ has joined #openstack		21:51
Ryan_Lane	does anyone know what the character set for the database and table is supposed to be?	21:51
*** sdake has joined #openstack		21:51
Ryan_Lane	apparently I'm going to have to fix this manually too	21:51
vidd	jdg, your server-path file is holding that info [in case you forget what you set]	21:51
magg	so?	21:52
magg	what can be the problem	21:52
Kiall	magg: they look right..	21:52
Kiall	1 sec	21:52
magg	:o	21:52
Kiall	accidently messed up an nginx config..	21:52
Kiall	every URL now points to the homepage -_-	21:52
*** dysinger has joined #openstack		21:52
swill	Kiall: ouch...	21:53
koolhead17	:(	21:53
*** MarkAtwood has joined #openstack		21:53
*** Vinsh_HP has quit IRC		21:53
vidd	jdg, you good now?	21:53
vidd	Ryan_Lane, utf_8 IIRC	21:54
Ryan_Lane	with which collation?	21:55
*** statik has joined #openstack		21:55
vidd	uhhhh default?	21:55
Ryan_Lane	ok	21:55
*** Vinsh_HP has joined #openstack		21:55
jdg	Grrr...	21:55
jdg	Have some errors in the overview	21:55
magg	do i need to install keystone on the compute nodes?	21:55
Ryan_Lane	ugh. I'm going to need to modify all the tables too.	21:56
*** FallenPegasus has quit IRC		21:56
jdg	"Unable to get service info: This server coul dnot verify that you are authroized to access...."	21:56
vidd	Ryan_Lane, my phpmyadmin says "utf8_general_ci" if that means anything to you	21:56
*** joesavak has joined #openstack		21:56
*** jsavak has quit IRC		21:56
Ryan_Lane	thanks	21:56
vidd	magg, no...just need it on one node	21:57
magg	mmmmm	21:57
*** jmckenty has joined #openstack		21:59
magg	all the services on the compute node get XXX	22:00
*** ejat has joined #openstack		22:00
magg	is because of that error?	22:00
jdg	vidd: Exception at /syspanel/images.. looks like my authorization isn't working right.	22:00
jdg	raise exception.NotAuthorized()	22:00
vidd	jdg, look in your keystone database....	22:01
vidd	under users	22:01
*** joesavak has quit IRC		22:02
vidd	is there a user that matches the "ADMIN_USER" from your server-path file?	22:02
*** peteroplus has quit IRC		22:02
*** praefect has quit IRC		22:02
*** heckj has quit IRC		22:03
jseutter	I just completed a stackops allinone install. How do I log into the system or find out how to set up my EC2* variables?	22:03
vidd	jdg, if you used my scripts, you have phpmyadimn installed	22:03
*** exprexxo has quit IRC		22:03
*** mgoldmann has quit IRC		22:03
jdg	vidd: keystone database in mysql you mean? And yes I used your script	22:03
*** coli has quit IRC		22:03
vidd	jdg, yes...in phpmyadmin	22:03
magg	:(	22:04
jdg	How do I use phpmyadmin? Sorry, I'm a newb!	22:04
*** joesavak has joined #openstack		22:04
vidd	[server_ip]/phpmyadmin	22:05
Ryan_Lane	well, it's not the character set of the tables...	22:05
Ryan_Lane	why is sqlalchemy returning this: LookupError: unknown encoding: binary	22:05
*** MarkAt2od has joined #openstack		22:05
jdg	vidd: got it, thanks.	22:06
*** jmckenty_ has joined #openstack		22:06
Ryan_Lane	I also get that error when I do nova-manage db version	22:06
Ryan_Lane	that didn't happen when I was on cactus	22:06
*** jmckenty has quit IRC		22:06
Kiall	magg: sorry, what was the PB error URL again?	22:06
magg	http://pastebin.com/Pb0GESQS	22:07
vidd	jdg, does the user listed as "ADMIN_USER" in your server-path file match the one listed in the keystone database?	22:08
jdg	vidd: sorry, stepped away. Yes, oddly it's there.	22:08
*** GheRivero has joined #openstack		22:09
*** MarkAtwood has quit IRC		22:09
Kiall	magg, try installing the python-keystone package and restarting nova-api?	22:09
magg	kk	22:09
*** vladimir3p has quit IRC		22:09
vidd	so the "ADMIN_PASSWORD" listed in your server-path file should = the password you need with that user in dashboard	22:09
swill	does anyone know how the options '--read-acl' and '--write-acl' for the 'swift' command are formatted (i am using swift_auth, if that matters).	22:09
*** jmckenty_ has quit IRC		22:09
vidd	also, is the username you gave for your nova project listed there as well?	22:09
Kiall	magg: actually.. what sort of install are you doing? just nova?	22:09
notmyname	swill: http://programmerthoughts.com/openstack/swift-permissions/	22:09
jdg	Yep, that's what I'm using. I'ts odd becuase it lets me log in, just certain "features" fail	22:10
jdg	vidd: no my project user isn't in the database	22:10
*** mattray has joined #openstack		22:10
magg	multi node	22:10
vidd	run the user_add_keystone script to het that	22:11
vidd	what features fail?	22:11
Kiall	magg: Well, it looks like you only have nova installed, but have configured nova to use keystone	22:11
*** joesavak has quit IRC		22:11
vidd	failed features=script issues	22:11
*** redconnection has joined #openstack		22:11
magg	no i have installed glance keystone and nova on the controller	22:12
magg	this is a compute node	22:12
Kiall	and this is a compute node?	22:12
*** coli has joined #openstack		22:12
jdg	So in the dashboard: Overview has an error (the one I described) and if I try to access "images" I get the exception.NotAuthorized()	22:12
magg	yeah	22:12
Kiall	magg: ah okay, then yes. if you want nova-api on the comutes nodes..	22:12
Kiall	python-keystone will be needed aswell, if you use keystone	22:13
magg	what?	22:13
magg	ah	22:13
magg	kk	22:13
swill	notmyname: thank you... i should be able to figure out what the equivalent will be for swift_auth.	22:13
notmyname	swill: cool. the format for the headers should be the same	22:13
*** MarkAtwood has joined #openstack		22:13
*** JesperA has joined #openstack		22:14
vidd	jdg, do you have pastebinit installed on your system?	22:14
jdg	vidd: no, but I can install it	22:14
Kiall	magg: that fix it anyway?	22:14
vidd	id like you to pastebin me the keystone_template.sh file	22:14
swill	notmyname: i think i was thinking that it should be the keystone tentant in place of the account, but I think it needs to actually be the AUTH_# for the account and not the actual tenant. i was also trying to do a list as a test, so everything I tried was failing. :) I will put objects in the container and do test that way. thanks...	22:14
vidd	[i may have missed a push]	22:14
magg	kiall: thanks a lot mate, that fixed it	22:15
*** MarkAt2od has quit IRC		22:15
vidd	Kiall, what is the likelyhood your ppa's will work with vanilla debian?	22:16
*** ahasenack has quit IRC		22:17
magg	but i dont get a happy face for the services on the compute node	22:17
vidd	magg, check the time sync	22:18
jdg	vidd: http://paste.openstack.org/show/3509/	22:18
*** krow has quit IRC		22:18
magg	vidd, u mean ntp?	22:19
vidd	magg, yeah....make sure the time on both servers sync	22:19
*** ejat has quit IRC		22:20
uvirtbot	New bug: #893795 in horizon "Flavors throws 500 page instead of graceful 401" [Undecided,New] https://launchpad.net/bugs/893795	22:20
vidd	jdg, can you check your /etc/glance/glance-api.cong and your /etc/glance/glance-registry to verify the admin port is 35357 and not 5001?	22:21
*** ejat has joined #openstack		22:21
*** ejat has joined #openstack		22:21
coli	vidd: what do you mean by vanila debian ? squeeze (aka stable) ?	22:21
vidd	*glance-registry.conf	22:21
vidd	coli, yes	22:21
*** cdub has quit IRC		22:22
*** cdub has joined #openstack		22:22
*** dolphm has quit IRC		22:22
coli	vidd: afaik squeeze doesn't have openstack in its repositories	22:22
vidd	coli, there are tons of debian flavors [ie ubuntu]	22:22
coli	vidd: debian is just one, there offshots likes ubuntu (very good one)	22:23
vidd	heh i dont know about "good" but i use ubuntu =]	22:24
magg	vidd: will they sync eventually?	22:24
coli	vidd: what I don't like about ubuntu is the worry each time i'm using apt-get upgrade that something will go wrong. Except for one time never had a problem with debian since 2002 when upgrading	22:24
jdg	vidd: hmmm... no admin_port	22:24
magg	does it take long?	22:24
jdg	vidd: auth_port = 35357	22:25
Kiall	vidd: no idea how likely that they are to work on debian..	22:25
Kiall	They work on ubuntu oneiric - that is all i have, and all I will be testing (until ubuntu precise comes out)	22:25
vidd	jdg, not "admin _port" .... "auth_port" [my bad]	22:25
*** jmckenty has joined #openstack		22:26
coli	Kiall: debian doesn't have openstack in its official repositories for stable version	22:26
Kiall	all i have tested*	22:26
*** jakedahn has quit IRC		22:26
jdg	Ahhh.... wait	22:26
jdg	So we don't have DNS so it assign auth_uri to 127.0.0.1... could that be a problem?	22:26
Kiall	coli: well, I for one never ever every upgrade a server.. No upgrades ever work IMO...	22:26
coli	kiall: never had any problems with debian :-) even between version	22:27
*** oubiwann1 has joined #openstack		22:27
vidd	jdg, there should not be 127.0.0.1 anywhere	22:27
Kiall	If it takes longer to re-install than is does to upgrade, either your documentation or provision system sucks.	22:27
jdg	vidd: Ok, so maybe I could just replace any 127 address with my systems static IP.	22:28
vidd	i took great care to make sure all "default" urls get real IPs fron the server-path	22:28
magg	alright, this is crazy i get happy faces for the services on the compute node and XXX for the services on the controller node... after nova-manage service list on the compute node and vice versa	22:28
coli	kiall: you are lucky that you are working in small env or without customers ;-)	22:28
vidd	127.0.0.1 will not work =]	22:28
Kiall	coli: lol.. no, I just automate the provisioning of everything.	22:28
jdg	vidd: Yeah, sorry... I figured I was going to run into trouble not having a name server	22:28
*** oubiwann has quit IRC		22:28
*** krow has joined #openstack		22:28
jdg	So I guess I'll have to do a find/replace on every conf file for 127's	22:29
*** oubiwann1 is now known as oubiwann		22:29
jdg	crap!	22:29
coli	Kiall: I would love to see your provisionging system then :-)	22:29
vidd	jdg server-name or ip is fine 127.0.0.1 and "localhost" BAD	22:29
Kiall	coli: puppet to start with ;) But it depends on what you actually maintain...	22:29
jasona	morning vidd.	22:29
jdg	Alright, hitting a meeting. I'll work on changin all of the conf files when I get back. Then reboot/restart everything and try again. :)1;2~	22:29
coli	kial: thinking moving to pupper, using cfengine currently	22:30
vidd	jdg, should just ahve to edit the server-path file and re-run convert_keystone	22:30
*** ldlework has quit IRC		22:30
jdg	pheww... that sounds much better!	22:30
Ryan_Lane	I'm kind of screwed in the middle of a nova upgrade right now, if anyone has a clue of what my problem is	22:30
Kiall	never used cfengine, but puppet is great for getting the base servers + software ready, then its down to custom stuff to deploy your actual apps etc	22:30
vidd	and manually update nova.conf	22:31
coli	kiall: we maintain our systems (that not a problem) and a lot of systems for customers with some realy twisted applications (cusome made by some wierd software houses)	22:31
Ryan_Lane	nova-manage db version (and therefore sync) is giving me sqlalchemy errors	22:31
*** GheRivero has quit IRC		22:31
soren	Ryan_Lane: pastebin?	22:31
swill	coli: I feel your pain. we host some pretty retarded applications. haha	22:31
Ryan_Lane	soren: sec	22:31
*** GheRivero has joined #openstack		22:31
jdg	Bummer... * Restarting web server apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName ... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName	22:32
swill	jdg: apache started anyway didn't it?	22:32
vidd	jdg, my script does not touch that =]	22:32
swill	jdg: in my local setup, that is only a warning (not a related site though).	22:33
Ryan_Lane	soren: http://pastebin.com/n0CSmMJz	22:33
soren	jdg: That's normal.	22:33
soren	Ryan_Lane: Which version of sqlalchemy and migrate do you have?	22:33
soren	Ryan_Lane: And MySQL, I guess.	22:34
Ryan_Lane	migrate: 0.6-4~lucid1; sqlalchemy: 0.6.3-1ubuntu0~lucid1	22:34
soren	Eep.	22:34
*** redconnection has quit IRC		22:35
*** bsza has quit IRC		22:35
soren	Ryan_Lane: I wouldn't be surprised if that's your problem.	22:35
Ryan_Lane	what versions am I supposed to have?	22:35
*** GheRivero has quit IRC		22:35
Ryan_Lane	that's the versions in the diablo ppa	22:36
soren	Hm.	22:36
soren	Ok.	22:36
*** lmh has quit IRC		22:37
soren	I..	22:37
*** lmh has joined #openstack		22:37
vidd	soren, once you start the i...i...i... crap....your lying =]	22:37
soren	I would have thought sqlalchemy 0.6.8 and migrate 0.7.1 or something.	22:37
*** dirkx_ has quit IRC		22:37
Kiall	lol	22:37
soren	vidd: I'm always lying.	22:38
*** bryguy has quit IRC		22:38
soren	vidd: That's not really true, though.	22:38
soren	Go figure.	22:38
magg	help: http://pastebin.com/5ewmtF4G	22:38
soren	magg: Install ntp everywhere.	22:39
vidd	the i...i...i... comment or the "youre always lying"?	22:39
*** _rfz has joined #openstack		22:39
soren	magg: Then you win.	22:39
soren	vidd: The latter.	22:39
_rfz	evening	22:39
magg	soren: i have ntp	22:39
vidd	=]	22:39
soren	magg: It's not working.	22:39
magg	uh	22:39
*** redconnection has joined #openstack		22:39
Kiall	magg: check the servers time.. they are probably out	22:40
*** hadrian_ has joined #openstack		22:40
jasona	there seem to be a bunch of nova scripts on github, is there any arbiter that says there's a particular one that works well ?	22:40
jasona	(for simple demo/dev nova installation)	22:40
soren	magg: Check the time on cloudhq1 and cloudhq2. They're probably ~20 seconds apart.	22:40
vidd	jasona, yes...the ones from Kiall 's ppa	22:40
*** bryguy has joined #openstack		22:41
jasona	vidd: looking, thanks.	22:41
soren	magg: Nah, make that 25 seconds.	22:41
vidd	my scripts do a nice secure - ish install	22:41
*** hadrian has quit IRC		22:41
*** hadrian_ is now known as hadrian		22:41
jasona	i started trying to follow the instructions in the documentation on openstack.org and fell over at just the first step with a manual install :)	22:42
jasona	now i'm sad that i spent the time being a redhat person rather than debian person..	22:42
magg	cyeah	22:42
magg	like 25 sec apart	22:42
magg	so? how do i sync it	22:42
soren	ntp.	22:42
jasona	stop ntp. run ntpdate <some server. restart ntp	22:43
soren	ntpdate to sync them once, ntp to make them stay that way.	22:43
magg	ook	22:43
* Kiall wonders sometimes.. https://lists.launchpad.net/openstack/msg05610.html		22:43
jdg	So if that's normal what about the conf files getting 127's? Is that ok too?	22:43
vidd	jdg, let me know when your back	22:43
jdg	vidd: nice timing	22:43
Kiall	even for a toy production environment, thats going to suck come upgrade time...	22:43
vidd	heh...your back =]	22:43
vidd	you do any customization to the nova.conf file?	22:44
soren	Kiall: That's nothing.	22:44
jdg	Nope, not as of yet at least	22:44
soren	Kiall: A couple of weeks ago, someone stopped by asking how to upgrade the his install that was based on just a git checkout + python setup.py install.	22:45
*** hadrian_ has joined #openstack		22:45
koolhead17	livemoon it was	22:45
* koolhead17 remembers		22:45
soren	Was it? You're probably right.	22:45
magg	thanks guys	22:45
magg	it worked!	22:45
Kiall	soren: thats was probably vidd	22:45
vidd	so you can updtae the server-path file with real info, re-run the convert_keystone script, rerun the nova-preload script to rebuild the nova.conf file	22:46
Kiall	he spent a month trying to get "git clone + python setup.py install" production "ready" ;)	22:46
jdg	vidd: trouble is server-path has real info in it	22:46
*** rsampaio has quit IRC		22:46
vidd	then your config files should all have real ips	22:47
jdg	I would agree, but they don't :(	22:47
*** hadrian has quit IRC		22:48
*** hadrian_ is now known as hadrian		22:48
magg	one question: whats the user data field on the dashboard for?	22:48
jdg	is something trying to do a name lookup on the ip address that I supply?	22:48
*** Ryan_Lane has quit IRC		22:48
jdg	Thus doing just like apache with assigning the 127 ip maybe?	22:48
*** Ryan_Lane has joined #openstack		22:48
vidd	jdg, the convert_keystone scipt is suppose to change the "127.0.0.1" in the glance configs to the $KEYSTONE_HOST_IP	22:50
jdg	ls	22:50
jdg	oops :)	22:51
*** hadrian_ has joined #openstack		22:51
jdg	So what if I just set keystone_host_ip and rerun? Maybe that will sort it out?	22:51
Kiall	vidd: sounds like your scripts are trying to be too smart and failing at it ;)	22:51
*** pixelbeat has joined #openstack		22:51
jdg	kiall: By the way, I tried your script as well :)	22:52
Kiall	no joy?	22:52
jdg	Just kidding... yours are next. Imaging the system and getting rabbit-mq etc now.	22:52
magg	i get a nbd15 control failed -32	22:52
*** redconnection has quit IRC		22:53
*** hadrian has quit IRC		22:53
*** hadrian_ is now known as hadrian		22:53
vidd	jdg, does the ./obtain_token script give yiu the auth token?	22:53
*** ejat has quit IRC		22:54
jdg	vidd: yes it does	22:54
*** jmckenty has quit IRC		22:54
*** lvaughn has quit IRC		22:54
vidd	does "glance -A `./obtain_token.sh`index return a blank line?	22:55
*** dysinger has quit IRC		22:55
*** dysinger has joined #openstack		22:56
vidd	does "glance -A `./obtain_token.sh` index" return a blank line?	22:56
vidd	is the "./" required?	22:56
jdg	stacker@sfstack-38:~/openstack_installer$ sudo glance -A './obtain_toke.sh' index	22:56
jdg	Failed to show index. Got error:	22:56
jdg	Unable to connect to server. Got error: [Errno 111] ECONNREFUSED	22:57
jdg	stacker@sfstack-38:~/openstack_installer$	22:57
*** jakedahn has joined #openstack		22:57
vidd	ok...so there is some issue in the glance-registry and/or glance-api	22:57
*** magg has quit IRC		22:58
vidd	make sure both have real ips in the config files	22:58
*** hggdh has quit IRC		22:58
vidd	and the auth port is correct [not 5001]	22:58
*** krow has quit IRC		22:58
jdg	auth_port looks good, I'll replace the 127 ips in the config files	22:59
*** dolphm has joined #openstack		22:59
vidd	once you do, put service glance-api restart	23:01
vidd	; sleep 2	23:01
vidd	;service glance-registry restart	23:01
*** magg has joined #openstack		23:02
*** dysinger has quit IRC		23:03
*** dysinger has joined #openstack		23:03
*** koolhead17 is now known as koolhead17\|zzZZ		23:04
*** dysinger has quit IRC		23:04
*** dysinger has joined #openstack		23:05
*** TheOsprey has quit IRC		23:05
jdg	vidd: much closer!	23:05
vidd	does "glance -A `./obtain_token.sh` index" return a blank line now?	23:06
jdg	Now the only place I'm seeing an error in under images "Unable to connect to server. Got err:[Errno 111] ECONNREFUSED"	23:06
magg	i get a nbd15 control failed -32 when i try to create an instance	23:06
jdg	Crap...ECONNREFUSED	23:07
*** cp16net has quit IRC		23:07
*** imsplitbit has quit IRC		23:07
Kiall	magg: its harmless	23:07
magg	lol	23:07
*** dysinger has quit IRC		23:08
*** dysinger has joined #openstack		23:08
*** magg has quit IRC		23:08
*** sandywalsh_ has quit IRC		23:09
*** sandywalsh has quit IRC		23:09
*** catintheroof has quit IRC		23:09
*** cereal_bars has quit IRC		23:10
*** andrewbogott has quit IRC		23:10
*** krow has joined #openstack		23:11
*** koolhead17\|zzZZ has quit IRC		23:11
Ryan_Lane	ah. figured it out	23:11
Ryan_Lane	the version of mysql I'm using has a default characterset of binary	23:11
*** dysinger has quit IRC		23:11
vidd	Ryan_Lane, glad to hear....what did you do?	23:11
jdg	glance-registry.conf is missing a 'pipeline' setting ???	23:12
*** dysinger has joined #openstack		23:12
Ryan_Lane	I added this to my sql_connection flag: ?charset=latin1	23:12
*** sg has joined #openstack		23:12
Ryan_Lane	since everything else is latin1	23:12
sg	can someone explain to me -what- openstack is?	23:12
*** jakedahn has quit IRC		23:12
coli	sg: "evil witch"	23:13
Ryan_Lane	this likely has to do with the fact that I'm using the "facebook" version of mysql	23:13
vidd	Ryan_Lane, can you open a bug against the docs to have that but in?	23:13
Ryan_Lane	and how we have it configured for mediawiki	23:13
vidd	coli, that is my line	23:13
Ryan_Lane	I think this is very likely specific to us	23:13
coli	vidd: that's why I have quoted it ;-)	23:14
Ryan_Lane	I'll make sure things are actually working before I bother adding it to the docs ;)	23:14
vidd	Ryan_Lane, that "may" be true...but if it affects one, it is likely to affect others	23:14
sg	coli: huh?	23:14
Ryan_Lane	yeah	23:14
*** zul has quit IRC		23:15
jdg	vidd: Should I have an entry for pipeline:glance-registry ?	23:15
swill	chmouel: notmyname: I have gotten ACL to work using the keystone 'role' as the --read-acl and --write-acl parameter in the swift call using swift_auth. Thanks for all the help... chmouel, let me know when you have patches to test, my setup allows me to test patches easily...	23:16
notmyname	swill: great to hear	23:16
vidd	the glance files have the right pipelines...they just need to be enabled	23:16
Ryan_Lane	hmm. that worked for nova-manage, but doesn't work for some of the nova services :(	23:17
swill	i should blog some of the things i figure out. :)	23:17
*** jseutter has quit IRC		23:18
*** hggdh has joined #openstack		23:19
*** zul has joined #openstack		23:19
*** _diana_ has quit IRC		23:21
vidd	jdg, how is it going now?	23:21
jdg	Still getting that ECONNREFUSED error.	23:22
vidd	can you run that index command?	23:23
jdg	That's the command that is giving me the error	23:23
jdg	It's in the dashboard and when I run this index command as well.	23:23
*** rnirmal has quit IRC		23:24
jdg	Tried restarting glance-api and glance-registry again. Let me check and make sure there's no 127 IP's hiding around still.	23:24
jdg	Nope... none in /etc/glance/ anyway.	23:25
jdg	Hmmm...	23:25
vidd	ok....is you user added to keystone?	23:25
Kiall	umm .. ECONNREFUSED has nothing to do with users being in keystone IMHO ;)	23:26
jdg	Ahh... no	23:26
jdg	The user I'm logging into the dashboard with is not in the DB Keystone/users	23:26
vidd	huh?	23:27
jdg	Never mind	23:27
Kiall	anyway - im off.. cyas	23:28
*** MarkAtwood has quit IRC		23:28
vidd	log out of dashboard restatr keystone and apache	23:31
jdg	Ok	23:31
vidd	now run the index command	23:32
jdg	Dang it.. same thing.	23:32
vidd	i dont understand =\	23:33
Kiall	vidd: you're clutching at straws ;) the glance command doesnt touch dashboard or apache ;)	23:33
jdg	Then we're really in trouble	23:33
Kiall	anyway - as I said .. im off.. cyas	23:33
*** hingo has quit IRC		23:33
coli	jdg: tcpdump is your friend at first encounter with ECONNREFUSED, go back to basics.	23:33
*** dysinger has quit IRC		23:33
coli	kiall: see you later	23:34
*** MarkAtwood has joined #openstack		23:34
vidd	Kiall, but dashboard (which is also having issues) does	23:34
jdg	coli: good suggestion, I'll have to google tcpdump and figure out how to use it. I'm not a networking guy	23:35
coli	jdg: it sysadmin tool :-)	23:35
*** code_franco has quit IRC		23:35
coli	tcpdump -n -i <interface>	23:35
*** tylesmit has left #openstack		23:35
*** lionel has quit IRC		23:35
coli	most basic use if you have little traffic, if little traffic but connected via ssh then:	23:35
*** lionel has joined #openstack		23:36
coli	tcpdump -n -i <interface> not port 22	23:36
*** jseutter has joined #openstack		23:36
jdg	coli: hmm, not seeing much interesting other than ack/seq entries	23:38
coli	jdg: keystone and glance on two different machines ?	23:39
jdg	coli: nope, same machine	23:39
coli	jdg: different ip for each ?	23:40
jdg	Nope, same IP	23:40
*** redconnection has joined #openstack		23:41
coli	jdg: what OS ? ubuntu ?	23:43
*** fifieldt has joined #openstack		23:44
*** MarkAtwood has quit IRC		23:44
jdg	Ubuntu 11.10	23:46
jdg	vidd: server-path and nova-settings on pastebin: http://paste.openstack.org/show/3511/	23:48
*** rnorwood has quit IRC		23:48
*** nyeates has quit IRC		23:49
coli	jdg: then did you try: tcpdump -n -i lo ?	23:49
coli	run it and then try to make glance connect	23:49
jdg	Yes, I'll try it again. Didn't see anything interesting though	23:49
vidd	jdg, #--keystone_ec2_url=http://192.168.135.38:5000/v2.0/ec2tokens	23:49
vidd	looks like the convert_keystone script never ran	23:50
*** stanchan has joined #openstack		23:50
jdg	Ahh crap	23:50
vidd	uncomment that line	23:50
jdg	I checked that in /etc/ files ont the script	23:50
jdg	vidd: ok, now run keystone_setup.sh again?	23:51
vidd	nope	23:52
vidd	restart all services and you should be good	23:52
jdg	Oh.. ok	23:52
jdg	Does order matter?	23:52
coli	jdg: if you haven't seen anything interesting then glance is not connecting over lo to keystone ;-)	23:53
vidd	the restart services	23:53
vidd	script	23:53
coli	jdg: so at least you know that the issue is with glance for sure.	23:53
jdg	Oh, thanks! Didn't notice that handy gem	23:53
jdg	GRRRR!!!	23:54
vidd	?	23:54
jdg	Still get ECONNREFUSED in Dashboard/Images	23:54
vidd	we want the CLI to work first	23:55
jdg	Ok, the index command as well	23:55
jdg	stacker@sfstack-38:~/openstack_installer$ sudo glance -A './obtain_token.sh' index	23:55
jdg	Failed to show index. Got error:	23:55
jdg	Unable to connect to server. Got error: [Errno 111] ECONNREFUSED	23:55
*** guaqua2` has quit IRC		23:56
*** guaqua2` has joined #openstack		23:56
vidd	run the convert_keystone script	23:56
vidd	we have to be missing something	23:56
jdg	Ok... hold on, bunch o'stuff to look through	23:57
*** MarkAtwood has joined #openstack		23:57
*** nerens has quit IRC		23:57
jdg	ERROR: Error trying to load config /etc/glance/glance-registry.conf: The [pipeline:glance-registry] section in /etc/glance/glance-registry.conf is missing a 'pipeline' setting	23:57
jdg	Uh oh, there are a few errors in here	23:58
jdg	"Duplicate entry 'sfproject' for key 'name'	23:58
vidd	cancel the run	23:59
jdg	It already finished	23:59
jdg	So I've got a few of these "Duplicate entry" errors listed here	23:59

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!