From rbryant at redhat.com Mon Dec 3 15:35:25 2012 From: rbryant at redhat.com (Russell Bryant) Date: Mon, 03 Dec 2012 10:35:25 -0500 Subject: [rhos-list] Hooks/plugins in Openstack NOVA In-Reply-To: <1353570128.955cb567b6e38f4c6b3f28cc857fc38c@mail.in.com> References: <1353570128.955cb567b6e38f4c6b3f28cc857fc38c@mail.in.com> Message-ID: <50BCC6BD.1000302@redhat.com> On 11/22/2012 02:42 AM, Kumar Vaibhav wrote: > Hi Russell, > > Thanks a lot for the pointer. I think this will solve my problem. > > Sorry to trouble you more, but can you please direct me to some sample > notification receiver. > > I know python but no nothing about this messaging system. So if you can > give me a sample notification receiver I will adopt it to my needs. Here is an example that I just tested out: https://gist.github.com/4195727 To enable notifications on a Folsom nova install, set this in /etc/nova/nova.conf: notification_driver=nova.openstack.common.notifier.rabbit_notifier Note that you may have to change 'nova' in the example code to 'openstack' depending on which version you use this code against. There was a regression where all messages were being sent to the 'openstack' exchange instead of the 'nova' exchange. There is a patch in the queue to change it back to 'nova'. https://review.openstack.org/#/c/17234/ -- Russell Bryant From jlarson at stas.fbi.gov Mon Dec 3 22:53:53 2012 From: jlarson at stas.fbi.gov (John Larson) Date: Mon, 3 Dec 2012 17:53:53 -0500 Subject: [rhos-list] Folsom Preview RPM question Message-ID: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> Hello All, Apologies in advance if I am missing something obvious. I am subscribed to the Folsom Preview channel and I am using the Folsom Preview Getting Started Guide. Everything is working as expected, but when I get to the Quantum (Networking) Section (Chapter 7), I am instructed to yum install openstack-quantum-openvswitch. That RPM is not in the Folsom preview channel. It appears to be an important RPM. I have triple-checked that the RPM does not exist in the channel, but I would like someone else to verify that in case I have overlooked something. Thanks, John From pmyers at redhat.com Mon Dec 3 22:59:34 2012 From: pmyers at redhat.com (Perry Myers) Date: Mon, 03 Dec 2012 17:59:34 -0500 Subject: [rhos-list] Folsom Preview RPM question In-Reply-To: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> References: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> Message-ID: <50BD2ED6.3050802@redhat.com> On 12/03/2012 05:53 PM, John Larson wrote: > Hello All, > > Apologies in advance if I am missing something obvious. > > I am subscribed to the Folsom Preview channel and I am using the Folsom > Preview Getting Started Guide. Everything is working as expected, but > when I get to the Quantum (Networking) Section (Chapter 7), I am > instructed to yum install openstack-quantum-openvswitch. That RPM is not > in the Folsom preview channel. It appears to be an important RPM. > > I have triple-checked that the RPM does not exist in the channel, but I > would like someone else to verify that in case I have overlooked > something. The docs are apparently a little eager for openvswitch support :) When the Folsom Preview was released, we couldn't release the openstack-quantum-openvswitch package yet, because the underlying OS (RHEL 6.3) didn't contain kernel support for OVS. Our plan is to release that package, and also the openvswitch userspace package once RHEL 6.4 has released its public beta (which should be very soon now) So for the time being, it is not possible to use the RHOS Folsom Preview with OVS. But it should be possible to use it with other quantum plugins if you have the requisite hardware. So just hold off for a few days, the packages should be there soon :) Perry From jlarson at stas.fbi.gov Mon Dec 3 23:14:56 2012 From: jlarson at stas.fbi.gov (John Larson) Date: Mon, 3 Dec 2012 18:14:56 -0500 Subject: [rhos-list] Folsom Preview RPM question In-Reply-To: <50BD2ED6.3050802@redhat.com> References: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> <50BD2ED6.3050802@redhat.com> Message-ID: <1354576496.15725.12.camel@f2151029-lin.wyltk.com> Perry, Thank you very much for responding so quickly. I really don't know how to configure any of the other plug-ins as I am using the Red Hat Folsom Preview Getting Started Guide so I guess I'll just wait. It is curious that there are openvswitch plugins for Quantum in the Essex preview channel and I thought Essex was the predecessor to Folsom. Thanks again for your response. John On Mon, 2012-12-03 at 17:59 -0500, Perry Myers wrote: > On 12/03/2012 05:53 PM, John Larson wrote: > > Hello All, > > > > Apologies in advance if I am missing something obvious. > > > > I am subscribed to the Folsom Preview channel and I am using the Folsom > > Preview Getting Started Guide. Everything is working as expected, but > > when I get to the Quantum (Networking) Section (Chapter 7), I am > > instructed to yum install openstack-quantum-openvswitch. That RPM is not > > in the Folsom preview channel. It appears to be an important RPM. > > > > I have triple-checked that the RPM does not exist in the channel, but I > > would like someone else to verify that in case I have overlooked > > something. > > The docs are apparently a little eager for openvswitch support :) > > When the Folsom Preview was released, we couldn't release the > openstack-quantum-openvswitch package yet, because the underlying OS > (RHEL 6.3) didn't contain kernel support for OVS. > > Our plan is to release that package, and also the openvswitch userspace > package once RHEL 6.4 has released its public beta (which should be very > soon now) > > So for the time being, it is not possible to use the RHOS Folsom Preview > with OVS. But it should be possible to use it with other quantum > plugins if you have the requisite hardware. > > So just hold off for a few days, the packages should be there soon :) > > Perry From pmyers at redhat.com Tue Dec 4 00:45:46 2012 From: pmyers at redhat.com (Perry Myers) Date: Mon, 03 Dec 2012 19:45:46 -0500 Subject: [rhos-list] Folsom Preview RPM question In-Reply-To: <1354576496.15725.12.camel@f2151029-lin.wyltk.com> References: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> <50BD2ED6.3050802@redhat.com> <1354576496.15725.12.camel@f2151029-lin.wyltk.com> Message-ID: <50BD47BA.3030908@redhat.com> On 12/03/2012 06:14 PM, John Larson wrote: > Perry, > > Thank you very much for responding so quickly. I really don't know how > to configure any of the other plug-ins as I am using the Red Hat Folsom > Preview Getting Started Guide so I guess I'll just wait. Yeah, right now the OVS instructions are the only ones we have since the other plugins rely on vendor support or hardware. We're going to be working with these other vendors over time to shore up both the support for Quantum plugins that require 3rd party software/hardware and also to get better documentation around them. > It is curious that there are openvswitch plugins for Quantum in the > Essex preview channel and I thought Essex was the predecessor to Folsom. Ah, if openvswitch-quantum-openstack was in the RHOS Essex Preview channel, that was an oversight. It should not have been there, since it's not usable without an underlying OS that has the kernel support Alan, we should probably remove that package to prevent further confusion. since we're only intending to allow OVS usage w/ Folsom. Can you take care of that? Cheers, Perry From pmyers at redhat.com Tue Dec 4 12:49:10 2012 From: pmyers at redhat.com (Perry Myers) Date: Tue, 04 Dec 2012 07:49:10 -0500 Subject: [rhos-list] Folsom Preview RPM question In-Reply-To: <50BD47BA.3030908@redhat.com> References: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> <50BD2ED6.3050802@redhat.com> <1354576496.15725.12.camel@f2151029-lin.wyltk.com> <50BD47BA.3030908@redhat.com> Message-ID: <50BDF146.8090403@redhat.com> On 12/03/2012 07:45 PM, Perry Myers wrote: > On 12/03/2012 06:14 PM, John Larson wrote: >> Perry, >> >> Thank you very much for responding so quickly. I really don't know how >> to configure any of the other plug-ins as I am using the Red Hat Folsom >> Preview Getting Started Guide so I guess I'll just wait. > > Yeah, right now the OVS instructions are the only ones we have since the > other plugins rely on vendor support or hardware. We're going to be > working with these other vendors over time to shore up both the support > for Quantum plugins that require 3rd party software/hardware and also to > get better documentation around them. Also, not official documentation, but another user of the Folsom Preview has kindly posted documentation on how to set up a Folsom Preview based cloud using the linux bridge plugin for Quantum: http://d.hatena.ne.jp/enakai00/20121118/1353226066 Maybe this will help :) (Thanks Gary for pointing me to that post) Perry From jlarson at stas.fbi.gov Tue Dec 4 15:53:47 2012 From: jlarson at stas.fbi.gov (John Larson) Date: Tue, 4 Dec 2012 10:53:47 -0500 Subject: [rhos-list] Folsom Preview RPM question In-Reply-To: <50BD47BA.3030908@redhat.com> References: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> <50BD2ED6.3050802@redhat.com> <1354576496.15725.12.camel@f2151029-lin.wyltk.com> <50BD47BA.3030908@redhat.com> Message-ID: <1354636427.15725.14.camel@f2151029-lin.wyltk.com> FWIW, The actual RPMs in the Essex preview are: openstack-quantum-openvswitch-2012.1-6.el6.noarch openstack-quantum-openvswitch-2012.1-8.el6.noarch Thanks again for your explanation and attention. John On Mon, 2012-12-03 at 19:45 -0500, Perry Myers wrote: > On 12/03/2012 06:14 PM, John Larson wrote: > > Perry, > > > > Thank you very much for responding so quickly. I really don't know how > > to configure any of the other plug-ins as I am using the Red Hat Folsom > > Preview Getting Started Guide so I guess I'll just wait. > > Yeah, right now the OVS instructions are the only ones we have since the > other plugins rely on vendor support or hardware. We're going to be > working with these other vendors over time to shore up both the support > for Quantum plugins that require 3rd party software/hardware and also to > get better documentation around them. > > > It is curious that there are openvswitch plugins for Quantum in the > > Essex preview channel and I thought Essex was the predecessor to Folsom. > > Ah, if openvswitch-quantum-openstack was in the RHOS Essex Preview > channel, that was an oversight. It should not have been there, since > it's not usable without an underlying OS that has the kernel support > > Alan, we should probably remove that package to prevent further > confusion. since we're only intending to allow OVS usage w/ Folsom. Can > you take care of that? > > Cheers, > > Perry From jlarson at stas.fbi.gov Tue Dec 4 15:56:51 2012 From: jlarson at stas.fbi.gov (John Larson) Date: Tue, 4 Dec 2012 10:56:51 -0500 Subject: [rhos-list] Folsom Preview RPM question In-Reply-To: <50BDF146.8090403@redhat.com> References: <1354575233.15725.5.camel@f2151029-lin.wyltk.com> <50BD2ED6.3050802@redhat.com> <1354576496.15725.12.camel@f2151029-lin.wyltk.com> <50BD47BA.3030908@redhat.com> <50BDF146.8090403@redhat.com> Message-ID: <1354636611.15725.17.camel@f2151029-lin.wyltk.com> Thanks Perry, I had already started using that. All hail Google! John On Tue, 2012-12-04 at 07:49 -0500, Perry Myers wrote: > On 12/03/2012 07:45 PM, Perry Myers wrote: > > On 12/03/2012 06:14 PM, John Larson wrote: > >> Perry, > >> > >> Thank you very much for responding so quickly. I really don't know how > >> to configure any of the other plug-ins as I am using the Red Hat Folsom > >> Preview Getting Started Guide so I guess I'll just wait. > > > > Yeah, right now the OVS instructions are the only ones we have since the > > other plugins rely on vendor support or hardware. We're going to be > > working with these other vendors over time to shore up both the support > > for Quantum plugins that require 3rd party software/hardware and also to > > get better documentation around them. > > Also, not official documentation, but another user of the Folsom Preview > has kindly posted documentation on how to set up a Folsom Preview based > cloud using the linux bridge plugin for Quantum: > > http://d.hatena.ne.jp/enakai00/20121118/1353226066 > > Maybe this will help :) > > (Thanks Gary for pointing me to that post) > > Perry From pmyers at redhat.com Tue Dec 4 21:41:06 2012 From: pmyers at redhat.com (Perry Myers) Date: Tue, 04 Dec 2012 16:41:06 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event Message-ID: <50BE6DF2.9010200@redhat.com> Wanted to give a heads up to RHOS Preview users that there is a virtual event going on tomorrow (Dec 5th) titled Optimizing IT. There are lots of good presentations to listen to, and among them I have a presentation on Red Hat OpenStack and what Red Hat is doing with respect to productization plans. If you would like to register for the virtual event (which is free), you can do so here: http://www.redhat.com/virtual/optimize/ Cheers, Perry -- |=- Red Hat, Engineering, Boston pmyers at redhat.com +1 412 329 8293 -=| |=- GnuPG E65E4F3D 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D -=| From daniel at dumdan.com Wed Dec 5 18:53:52 2012 From: daniel at dumdan.com (Daniel Dumitriu) Date: Wed, 05 Dec 2012 13:53:52 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <50BE6DF2.9010200@redhat.com> References: <50BE6DF2.9010200@redhat.com> Message-ID: <1354733632.3140.74.camel@camelot.ddse.ca> This is just a repeat of the comment/question I left in "The Lounge" of the Event: == Thanks, Perry, for the OpenStack presentation. Inciting, to say the least. Question: At various points, you did mention "Heat" as an upstream project. Could you be more specific on the provisioning side of things ? It would be interesting, for example, to see what could happen if "Foreman" would be used to "provision the Cloud". Especially for a "private hybrid cloud" that includes both VMs and hardware servers. Daniel -- ___________ Daniel Dumitriu daniel at dumdan.com Telephone: +1-416-626-9345 Mobile: +1-416-318-2487 -----Original Message----- From: Perry Myers To: rhos-list at redhat.com Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event Date: Tue, 04 Dec 2012 16:41:06 -0500 Wanted to give a heads up to RHOS Preview users that there is a virtual event going on tomorrow (Dec 5th) titled Optimizing IT. There are lots of good presentations to listen to, and among them I have a presentation on Red Hat OpenStack and what Red Hat is doing with respect to productization plans. If you would like to register for the virtual event (which is free), you can do so here: http://www.redhat.com/virtual/optimize/ Cheers, Perry From Rodrique.Heron at cigna.com Wed Dec 5 19:08:30 2012 From: Rodrique.Heron at cigna.com (Heron, Rodrique (CTR) WDC31) Date: Wed, 5 Dec 2012 14:08:30 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <1354733632.3140.74.camel@camelot.ddse.ca> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> Message-ID: I missed the event. I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. - Rodrique Heron -----Original Message----- From: rhos-list-bounces at redhat.com [mailto:rhos-list-bounces at redhat.com] On Behalf Of Daniel Dumitriu Sent: Wednesday, December 05, 2012 1:54 PM To: Perry Myers Cc: rhos-list at redhat.com Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event This is just a repeat of the comment/question I left in "The Lounge" of the Event: == Thanks, Perry, for the OpenStack presentation. Inciting, to say the least. Question: At various points, you did mention "Heat" as an upstream project. Could you be more specific on the provisioning side of things ? It would be interesting, for example, to see what could happen if "Foreman" would be used to "provision the Cloud". Especially for a "private hybrid cloud" that includes both VMs and hardware servers. Daniel -- ___________ Daniel Dumitriu daniel at dumdan.com Telephone: +1-416-626-9345 Mobile: +1-416-318-2487 -----Original Message----- From: Perry Myers To: rhos-list at redhat.com Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event Date: Tue, 04 Dec 2012 16:41:06 -0500 Wanted to give a heads up to RHOS Preview users that there is a virtual event going on tomorrow (Dec 5th) titled Optimizing IT. There are lots of good presentations to listen to, and among them I have a presentation on Red Hat OpenStack and what Red Hat is doing with respect to productization plans. If you would like to register for the virtual event (which is free), you can do so here: http://www.redhat.com/virtual/optimize/ Cheers, Perry _______________________________________________ rhos-list mailing list rhos-list at redhat.com https://www.redhat.com/mailman/listinfo/rhos-list ------------------------------------------------------------------------------ CONFIDENTIALITY NOTICE: If you have received this email in error, please immediately notify the sender by e-mail at the address shown. This email transmission may contain confidential information. This information is intended only for the use of the individual(s) or entity to whom it is intended even if addressed incorrectly. Please delete it from your files if you are not the intended recipient. Thank you for your compliance. Copyright (c) 2012 Cigna ============================================================================== From pmyers at redhat.com Wed Dec 5 20:28:16 2012 From: pmyers at redhat.com (Perry Myers) Date: Wed, 05 Dec 2012 15:28:16 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> Message-ID: <50BFAE60.2010700@redhat.com> Hi Rodrique and Daniel, On 12/05/2012 02:08 PM, Heron, Rodrique (CTR) WDC31 wrote: > I missed the event. It's actually just recorded presentations, and they are available for 90 days I believe. So you may still be able to register for the event and listen to the presentations for a while. > I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. Right, so today Foreman just takes images that already exist and what you're looking for is a feature enhancement to Foreman that would integrate with something like Image Factory or Oz to build new VM images from source media and then push those images into Glance. Do I have that right? > - > Rodrique Heron > > -----Original Message----- > From: rhos-list-bounces at redhat.com [mailto:rhos-list-bounces at redhat.com] On Behalf Of Daniel Dumitriu > Sent: Wednesday, December 05, 2012 1:54 PM > To: Perry Myers > Cc: rhos-list at redhat.com > Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event > > This is just a repeat of the comment/question I left in "The Lounge" of the Event: Apologies for not being in the lounge today to take the questions live. I had another commitment and couldn't attend. > == > Thanks, Perry, for the OpenStack presentation. > Inciting, to say the least. > Question: At various points, you did mention "Heat" as an upstream > project. Could you be more specific on the provisioning side of > things ? It's a service similar to Cloud Formations in Amazon AWS. It provides the ability to define a template that describes multiple VMs working in concert. So you would define a template with 1 or more VM definitions, and then tell Heat to launch that template. Heat then uses the OpenStack Nova APIs to launch the VMs in the proper order, waiting for things like dependencies in one VM before launching the 2nd. I've included some of the Heat folks on this thread. I'm sure they can do better justice to your question than I could :) > It would be interesting, for example, to see what could happen if > "Foreman" would be used to "provision the Cloud". Especially for a > "private hybrid cloud" that includes both VMs and hardware servers. Foreman could definitely be used for both bare metal server provisioning for OpenStack core services and Compute Nodes while also being used to provision the VMs that will be in the cloud. I thought that Ohad (Foreman creator/maintainer) had done some integration work (or maybe it was just planned) to better integrate Foreman w/ OpenStack from a guest provisioning perspective (using Fog as an abstraction layer I think) Ohad, any additional thoughts here? Perry From Rodrique.Heron at cigna.com Wed Dec 5 21:58:20 2012 From: Rodrique.Heron at cigna.com (Heron, Rodrique (CTR) WDC31) Date: Wed, 5 Dec 2012 16:58:20 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <50BFAE60.2010700@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> Message-ID: -----Original Message----- From: Perry Myers [mailto:pmyers at redhat.com] Sent: Wednesday, December 05, 2012 3:28 PM To: Heron, Rodrique (CTR) WDC31 Cc: daniel at dumdan.com; rhos-list at redhat.com; Ohad Levy; Ian McLeod; Steve Loranz; John R. Dunning; Angus Salkeld; Steven Hardy; Zane Bitter Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event Hi Rodrique and Daniel, On 12/05/2012 02:08 PM, Heron, Rodrique (CTR) WDC31 wrote: > I missed the event. It's actually just recorded presentations, and they are available for 90 days I believe. So you may still be able to register for the event and listen to the presentations for a while. > I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. Right, so today Foreman just takes images that already exist and what you're looking for is a feature enhancement to Foreman that would integrate with something like Image Factory or Oz to build new VM images from source media and then push those images into Glance. Do I have that right? You are exactly right. I would be happy with just using OZ alone to build images and using some other tool to push those images into Glance. I believe fog can do this, I know Foreman uses fog to talk to Openstack, ovirt etc.. If anyone got a work script that uses OZ to build, then push images into Glance, please share. > - > Rodrique Heron > > -----Original Message----- > From: rhos-list-bounces at redhat.com > [mailto:rhos-list-bounces at redhat.com] On Behalf Of Daniel Dumitriu > Sent: Wednesday, December 05, 2012 1:54 PM > To: Perry Myers > Cc: rhos-list at redhat.com > Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event > > This is just a repeat of the comment/question I left in "The Lounge" of the Event: Apologies for not being in the lounge today to take the questions live. I had another commitment and couldn't attend. > == > Thanks, Perry, for the OpenStack presentation. > Inciting, to say the least. > Question: At various points, you did mention "Heat" as an upstream > project. Could you be more specific on the provisioning side of things > ? It's a service similar to Cloud Formations in Amazon AWS. It provides the ability to define a template that describes multiple VMs working in concert. So you would define a template with 1 or more VM definitions, and then tell Heat to launch that template. Heat then uses the OpenStack Nova APIs to launch the VMs in the proper order, waiting for things like dependencies in one VM before launching the 2nd. I've included some of the Heat folks on this thread. I'm sure they can do better justice to your question than I could :) > It would be interesting, for example, to see what could happen if > "Foreman" would be used to "provision the Cloud". Especially for a > "private hybrid cloud" that includes both VMs and hardware servers. Foreman could definitely be used for both bare metal server provisioning for OpenStack core services and Compute Nodes while also being used to provision the VMs that will be in the cloud. I thought that Ohad (Foreman creator/maintainer) had done some integration work (or maybe it was just planned) to better integrate Foreman w/ OpenStack from a guest provisioning perspective (using Fog as an abstraction layer I think) Ohad, any additional thoughts here? Perry ------------------------------------------------------------------------------ CONFIDENTIALITY NOTICE: If you have received this email in error, please immediately notify the sender by e-mail at the address shown. This email transmission may contain confidential information. This information is intended only for the use of the individual(s) or entity to whom it is intended even if addressed incorrectly. Please delete it from your files if you are not the intended recipient. Thank you for your compliance. Copyright (c) 2012 Cigna ============================================================================== From daniel at dumdan.com Wed Dec 5 22:24:05 2012 From: daniel at dumdan.com (Daniel Dumitriu) Date: Wed, 05 Dec 2012 17:24:05 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <50BFAE60.2010700@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> Message-ID: <1354746245.3140.116.camel@camelot.ddse.ca> Hi,... everyone! Well, all this sounds very interesting... Because I am, actually, using Oz to create my images for Nova... Of course, that doesn't say much because it's, still, a manual process with no integration. Perry, this is how things may happen, eventually - and I could be wrong (I'm known to do that, a lot): - somebody (Oz ?) creates images for VMs AND kickstarts for physicals; - somebody (Foreman ?) provisions physicals; - somebody (Foreman ? Heat ?) manages server profiles (templates ?); - somebody (Nova with Glance) provisions VMs; - somebody (Heat?) manages/orchestrates the aggregation of profiles (templates) and pushes them as schedules to Nova or Foreman... Except... there's a lot of overlapping, which it is understandable, given the origins of each project. By the way, I keep insisting on Foreman because (despite the trouble I have with it) it holds the promise of a "real cloud": one that's not exclusively virtualized. Also it looks like it is the only one that's focused on managing Puppet configurations (though Heat might, as well). Data center operations it would be benefiting a lot from the streamlining of such an approach (IMHO). (And I am sooo sorry I cannot dedicate more time and effort to pushing this stuff forward - my day job, you know...) Thanks, Daniel -- ___________ Daniel Dumitriu daniel at dumdan.com Telephone: +1-416-626-9345 Mobile: +1-416-318-2487 -----Original Message----- From: Perry Myers To: Heron, Rodrique (CTR) WDC31 Cc: daniel at dumdan.com , rhos-list at redhat.com , Ohad Levy , Ian McLeod , Steve Loranz , John R. Dunning , Angus Salkeld , Steven Hardy , Zane Bitter Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event Date: Wed, 05 Dec 2012 15:28:16 -0500 Hi Rodrique and Daniel, On 12/05/2012 02:08 PM, Heron, Rodrique (CTR) WDC31 wrote: > I missed the event. It's actually just recorded presentations, and they are available for 90 days I believe. So you may still be able to register for the event and listen to the presentations for a while. > I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. Right, so today Foreman just takes images that already exist and what you're looking for is a feature enhancement to Foreman that would integrate with something like Image Factory or Oz to build new VM images from source media and then push those images into Glance. Do I have that right? > - > Rodrique Heron > > -----Original Message----- > From: rhos-list-bounces at redhat.com [mailto:rhos-list-bounces at redhat.com] On Behalf Of Daniel Dumitriu > Sent: Wednesday, December 05, 2012 1:54 PM > To: Perry Myers > Cc: rhos-list at redhat.com > Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event > > This is just a repeat of the comment/question I left in "The Lounge" of the Event: Apologies for not being in the lounge today to take the questions live. I had another commitment and couldn't attend. > == > Thanks, Perry, for the OpenStack presentation. > Inciting, to say the least. > Question: At various points, you did mention "Heat" as an upstream > project. Could you be more specific on the provisioning side of > things ? It's a service similar to Cloud Formations in Amazon AWS. It provides the ability to define a template that describes multiple VMs working in concert. So you would define a template with 1 or more VM definitions, and then tell Heat to launch that template. Heat then uses the OpenStack Nova APIs to launch the VMs in the proper order, waiting for things like dependencies in one VM before launching the 2nd. I've included some of the Heat folks on this thread. I'm sure they can do better justice to your question than I could :) > It would be interesting, for example, to see what could happen if > "Foreman" would be used to "provision the Cloud". Especially for a > "private hybrid cloud" that includes both VMs and hardware servers. Foreman could definitely be used for both bare metal server provisioning for OpenStack core services and Compute Nodes while also being used to provision the VMs that will be in the cloud. I thought that Ohad (Foreman creator/maintainer) had done some integration work (or maybe it was just planned) to better integrate Foreman w/ OpenStack from a guest provisioning perspective (using Fog as an abstraction layer I think) Ohad, any additional thoughts here? Perry From pmyers at redhat.com Wed Dec 5 22:57:36 2012 From: pmyers at redhat.com (Perry Myers) Date: Wed, 05 Dec 2012 17:57:36 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <1354746818.3053.49.camel@localhost.localdomain> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <1354746818.3053.49.camel@localhost.localdomain> Message-ID: <50BFD160.5050808@redhat.com> >>> I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. >> >> Right, so today Foreman just takes images that already exist and what you're looking for is a feature enhancement to Foreman that would integrate with something like Image Factory or Oz to build new VM images from source media and then push those images into Glance. Do I have that right? >> >> You are exactly right. I would be happy with just using OZ alone to build images and using some other tool to push those images into Glance. I believe fog can do this, I know Foreman uses fog to talk to Openstack, ovirt etc.. If anyone got a work script that uses OZ to build, then push images into Glance, please share. > > So, "building with Oz and then uploading to glance" is more or less what > Image Factory does when building for OpenStack. With our plugin > structure it is possible to install only the bits needed to do this and > avoid pulling in things related to EC2, RHEV-M, etc. > > This is then visible as a RESTful service. Excellent. Thanks for the clarification Ian :) From pmyers at redhat.com Wed Dec 5 22:59:15 2012 From: pmyers at redhat.com (Perry Myers) Date: Wed, 05 Dec 2012 17:59:15 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <3907DB65-E395-434B-AC0B-1ACC63CE2664@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <3907DB65-E395-434B-AC0B-1ACC63CE2664@redhat.com> Message-ID: <50BFD1C3.5090603@redhat.com> On 12/05/2012 05:34 PM, Steve Loranz wrote: >> If anyone got a work script that uses OZ to build, then push images >> into Glance, please share. > > This is exactly what imagefactory will do for you. > > Please realize that imagefactory is plugin based. Our current OS > plugins pretty much just wrap Oz. The Cloud plugins take the > resulting OS images and manage whatever needs to be done to prepare > them for and push them to the cloud. If all you want is Openstack, > then only install the Openstack cloud plugin. This was done precisely > to decouple different areas of the code and make it easier for > developers focused on a specific OS or a specific cloud to work on > supporting that OS or cloud. For the user it allows imagefactory to > be as focused or as flexible as needed. One thing that might be useful would be to have IF/Oz utilize an OpenStack VM to do the image building vs. using a standalone kvm host. Is this something that could be done? From Rodrique.Heron at cigna.com Wed Dec 5 23:24:44 2012 From: Rodrique.Heron at cigna.com (Heron, Rodrique (CTR) WDC31) Date: Wed, 5 Dec 2012 18:24:44 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <3907DB65-E395-434B-AC0B-1ACC63CE2664@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> Message-ID: -----Original Message----- From: Steve Loranz [mailto:sloranz at redhat.com] Sent: Wednesday, December 05, 2012 5:34 PM To: Heron, Rodrique (CTR) WDC31 Cc: Perry Myers; daniel at dumdan.com; rhos-list at redhat.com; Ohad Levy; Ian McLeod; John R. Dunning; Angus Salkeld; Steven Hardy; Zane Bitter Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event > If anyone got a work script that uses OZ to build, then push images into Glance, please share. This is exactly what imagefactory will do for you. Please realize that imagefactory is plugin based. Our current OS plugins pretty much just wrap Oz. The Cloud plugins take the resulting OS images and manage whatever needs to be done to prepare them for and push them to the cloud. If all you want is Openstack, then only install the Openstack cloud plugin. This was done precisely to decouple different areas of the code and make it easier for developers focused on a specific OS or a specific cloud to work on supporting that OS or cloud. For the user it allows imagefactory to be as focused or as flexible as needed. -steve Steve/Ian Thanks for the pointers, I did look into Image Factory. But decided to use OZ because I wasn't sure if Image Factory was Aelous and I did not want aleous. Is there another source for information on using Image Factory the way you describe. I was looking at: http://www.aeolusproject.org/imagefactory.html On Dec 5, 2012, at 3:58 PM, "Heron, Rodrique (CTR) WDC31" wrote: > > -----Original Message----- > From: Perry Myers [mailto:pmyers at redhat.com] > Sent: Wednesday, December 05, 2012 3:28 PM > To: Heron, Rodrique (CTR) WDC31 > Cc: daniel at dumdan.com; rhos-list at redhat.com; Ohad Levy; Ian McLeod; > Steve Loranz; John R. Dunning; Angus Salkeld; Steven Hardy; Zane > Bitter > Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event > > Hi Rodrique and Daniel, > > On 12/05/2012 02:08 PM, Heron, Rodrique (CTR) WDC31 wrote: >> I missed the event. > > It's actually just recorded presentations, and they are available for 90 days I believe. So you may still be able to register for the event and listen to the presentations for a while. > >> I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. > > Right, so today Foreman just takes images that already exist and what you're looking for is a feature enhancement to Foreman that would integrate with something like Image Factory or Oz to build new VM images from source media and then push those images into Glance. Do I have that right? > > You are exactly right. I would be happy with just using OZ alone to build images and using some other tool to push those images into Glance. I believe fog can do this, I know Foreman uses fog to talk to Openstack, ovirt etc.. If anyone got a work script that uses OZ to build, then push images into Glance, please share. > >> - >> Rodrique Heron >> >> -----Original Message----- >> From: rhos-list-bounces at redhat.com >> [mailto:rhos-list-bounces at redhat.com] On Behalf Of Daniel Dumitriu >> Sent: Wednesday, December 05, 2012 1:54 PM >> To: Perry Myers >> Cc: rhos-list at redhat.com >> Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event >> >> This is just a repeat of the comment/question I left in "The Lounge" of the Event: > > Apologies for not being in the lounge today to take the questions live. > I had another commitment and couldn't attend. > >> == >> Thanks, Perry, for the OpenStack presentation. >> Inciting, to say the least. >> Question: At various points, you did mention "Heat" as an upstream >> project. Could you be more specific on the provisioning side of >> things ? > > It's a service similar to Cloud Formations in Amazon AWS. It provides the ability to define a template that describes multiple VMs working in concert. So you would define a template with 1 or more VM definitions, and then tell Heat to launch that template. Heat then uses the OpenStack Nova APIs to launch the VMs in the proper order, waiting for things like dependencies in one VM before launching the 2nd. > > I've included some of the Heat folks on this thread. I'm sure they > can do better justice to your question than I could :) > >> It would be interesting, for example, to see what could happen if >> "Foreman" would be used to "provision the Cloud". Especially for a >> "private hybrid cloud" that includes both VMs and hardware servers. > > Foreman could definitely be used for both bare metal server > provisioning for OpenStack core services and Compute Nodes while also > being used to provision the VMs that will be in the cloud. I thought > that Ohad (Foreman creator/maintainer) had done some integration work > (or maybe it was just planned) to better integrate Foreman w/ > OpenStack from a guest provisioning perspective (using Fog as an > abstraction layer I think) > > Ohad, any additional thoughts here? > > Perry > > ---------------------------------------------------------------------- > -------- CONFIDENTIALITY NOTICE: If you have received this email in > error, please immediately notify the sender by e-mail at the address > shown. > This email transmission may contain confidential information. This > information is intended only for the use of the individual(s) or > entity to whom it is intended even if addressed incorrectly. Please > delete it from your files if you are not the intended recipient. > Thank you for your compliance. Copyright (c) 2012 Cigna > ====================================================================== > ======== > ------------------------------------------------------------------------------ CONFIDENTIALITY NOTICE: If you have received this email in error, please immediately notify the sender by e-mail at the address shown. This email transmission may contain confidential information. This information is intended only for the use of the individual(s) or entity to whom it is intended even if addressed incorrectly. Please delete it from your files if you are not the intended recipient. Thank you for your compliance. Copyright (c) 2012 Cigna ============================================================================== From asalkeld at redhat.com Wed Dec 5 23:47:52 2012 From: asalkeld at redhat.com (Angus Salkeld) Date: Thu, 6 Dec 2012 10:47:52 +1100 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <1354746245.3140.116.camel@camelot.ddse.ca> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <1354746245.3140.116.camel@camelot.ddse.ca> Message-ID: <20121205234752.GB2394@redhat.com> On 05/12/12 17:24 -0500, Daniel Dumitriu wrote: >Hi,... everyone! > >Well, all this sounds very interesting... > >Because I am, actually, using Oz to create my images for Nova... Of >course, that doesn't say much because it's, still, a manual process with >no integration. > >Perry, this is how things may happen, eventually - and I could be wrong >(I'm known to do that, a lot): > >- somebody (Oz ?) creates images for VMs AND kickstarts for physicals; >- somebody (Foreman ?) provisions physicals; >- somebody (Foreman ? Heat ?) manages server profiles (templates ?); >- somebody (Nova with Glance) provisions VMs; >- somebody (Heat?) manages/orchestrates the aggregation of > profiles (templates) and pushes them as schedules to Nova or > Foreman... > >Except... there's a lot of overlapping, which it is understandable, >given the origins of each project. Yea, there is a heap of overlap. All are trying to focus on something a bit different. - I believe Foreman is focused on baremetal (I am not up-to-date on the project tho') - ImageFactory and Aeolus is focused on being cloud neutral - Heat is focused on tight integration with OpenStack. I have a bias (Heat developer:) - With heat you _could_ (if you used bleading edge OpenStack) use OpenStack baremetal feature to deploy directly to baremetal (not vm's). (Some of our users are trying to get this to work). - You definitely can use Puppet with CloudFormation templates: https://s3.amazonaws.com/cloudformation-templates-us-east-1/puppet-master-configuration.template https://s3.amazonaws.com/cloudformation-templates-us-east-1/wordpress-via-puppet-client.template https://s3.amazonaws.com/cloudformation-templates-us-east-1/wordpress-via-puppet-client-building-block.template - One thing to add to this is Heat will do more than just provision the vm. You can setup a true Virtual application with networking, objectstore, volume, loadbalancer, autoscaling (soon DNSaas) resources. Current resources: https://github.com/openstack/heat/tree/master/heat/engine/resources -Angus > >By the way, I keep insisting on Foreman because (despite the trouble I >have with it) it holds the promise of a "real cloud": one that's not >exclusively virtualized. >Also it looks like it is the only one that's focused on managing Puppet >configurations (though Heat might, as well). >Data center operations it would be benefiting a lot from the >streamlining of such an approach (IMHO). > >(And I am sooo sorry I cannot dedicate more time and effort to pushing >this stuff forward - my day job, you know...) > >Thanks, > >Daniel > >-- >___________ >Daniel Dumitriu >daniel at dumdan.com >Telephone: +1-416-626-9345 >Mobile: +1-416-318-2487 > > >-----Original Message----- >From: Perry Myers >To: Heron, Rodrique (CTR) WDC31 >Cc: daniel at dumdan.com , rhos-list at redhat.com >, Ohad Levy , Ian McLeod >, Steve Loranz , John R. Dunning >, Angus Salkeld , Steven Hardy >, Zane Bitter >Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event >Date: Wed, 05 Dec 2012 15:28:16 -0500 > >Hi Rodrique and Daniel, > >On 12/05/2012 02:08 PM, Heron, Rodrique (CTR) WDC31 wrote: >> I missed the event. > >It's actually just recorded presentations, and they are available for 90 >days I believe. So you may still be able to register for the event and >listen to the presentations for a while. > >> I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. > >Right, so today Foreman just takes images that already exist and what >you're looking for is a feature enhancement to Foreman that would >integrate with something like Image Factory or Oz to build new VM images >from source media and then push those images into Glance. Do I have >that right? > >> - >> Rodrique Heron >> >> -----Original Message----- >> From: rhos-list-bounces at redhat.com [mailto:rhos-list-bounces at redhat.com] On Behalf Of Daniel Dumitriu >> Sent: Wednesday, December 05, 2012 1:54 PM >> To: Perry Myers >> Cc: rhos-list at redhat.com >> Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event >> >> This is just a repeat of the comment/question I left in "The Lounge" of the Event: > >Apologies for not being in the lounge today to take the questions live. > I had another commitment and couldn't attend. > >> == >> Thanks, Perry, for the OpenStack presentation. >> Inciting, to say the least. >> Question: At various points, you did mention "Heat" as an upstream >> project. Could you be more specific on the provisioning side of >> things ? > >It's a service similar to Cloud Formations in Amazon AWS. It provides >the ability to define a template that describes multiple VMs working in >concert. So you would define a template with 1 or more VM definitions, >and then tell Heat to launch that template. Heat then uses the >OpenStack Nova APIs to launch the VMs in the proper order, waiting for >things like dependencies in one VM before launching the 2nd. > >I've included some of the Heat folks on this thread. I'm sure they can >do better justice to your question than I could :) > >> It would be interesting, for example, to see what could happen if >> "Foreman" would be used to "provision the Cloud". Especially for a >> "private hybrid cloud" that includes both VMs and hardware servers. > >Foreman could definitely be used for both bare metal server provisioning >for OpenStack core services and Compute Nodes while also being used to >provision the VMs that will be in the cloud. I thought that Ohad >(Foreman creator/maintainer) had done some integration work (or maybe it >was just planned) to better integrate Foreman w/ OpenStack from a guest >provisioning perspective (using Fog as an abstraction layer I think) > >Ohad, any additional thoughts here? > >Perry > From imcleod at redhat.com Wed Dec 5 23:34:07 2012 From: imcleod at redhat.com (Ian McLeod) Date: Wed, 05 Dec 2012 17:34:07 -0600 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <50BFD1C3.5090603@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <3907DB65-E395-434B-AC0B-1ACC63CE2664@redhat.com> <50BFD1C3.5090603@redhat.com> Message-ID: <1354750447.3053.57.camel@localhost.localdomain> (Note. I am not on rhos-list and cannot find it on the mailman web interface internally. My replies to the list are bouncing.) On Wed, 2012-12-05 at 17:59 -0500, Perry Myers wrote: > On 12/05/2012 05:34 PM, Steve Loranz wrote: > >> If anyone got a work script that uses OZ to build, then push images > >> into Glance, please share. > > > > This is exactly what imagefactory will do for you. > > > > Please realize that imagefactory is plugin based. Our current OS > > plugins pretty much just wrap Oz. The Cloud plugins take the > > resulting OS images and manage whatever needs to be done to prepare > > them for and push them to the cloud. If all you want is Openstack, > > then only install the Openstack cloud plugin. This was done precisely > > to decouple different areas of the code and make it easier for > > developers focused on a specific OS or a specific cloud to work on > > supporting that OS or cloud. For the user it allows imagefactory to > > be as focused or as flexible as needed. > > One thing that might be useful would be to have IF/Oz utilize an > OpenStack VM to do the image building vs. using a standalone kvm host. > Is this something that could be done? The short answer is "Probably, with modifications." Oz uses libvirt and has some baked in assumptions about talking to a local KVM or emulated QEMU machine. We could likely tease these out and use a VM provided by Nova. JRD asked me a couple of days ago to look into this in more detail. I've yet to do so. Apologies. A further complication is that both Oz and Factory make fairly heavy use of libguestfs, which also benefits from fast local virt and cannot easily be offloaded to an external VM. Another potential short answer is "Yes, effortlessly, if you can provide a VM container that enables nested virt." This would require a manual bootstrap of the utility image containing Factory/Oz. However, once in place this presents some intriguing options for horizontal scaling. An "image building 'deployable'" perhaps? -- Ian McLeod - Red Hat office: 312.660.3539 mobile: 312.899.6736 rh internal: (81) 33539 From pmyers at redhat.com Thu Dec 6 03:31:24 2012 From: pmyers at redhat.com (Perry Myers) Date: Wed, 05 Dec 2012 22:31:24 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <1354750447.3053.57.camel@localhost.localdomain> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <3907DB65-E395-434B-AC0B-1ACC63CE2664@redhat.com> <50BFD1C3.5090603@redhat.com> <1354750447.3053.57.camel@localhost.localdomain> Message-ID: <50C0118C.4030502@redhat.com> On 12/05/2012 06:34 PM, Ian McLeod wrote: > (Note. I am not on rhos-list and cannot find it on the mailman web > interface internally. My replies to the list are bouncing.) > > On Wed, 2012-12-05 at 17:59 -0500, Perry Myers wrote: >> On 12/05/2012 05:34 PM, Steve Loranz wrote: >>>> If anyone got a work script that uses OZ to build, then push images >>>> into Glance, please share. >>> >>> This is exactly what imagefactory will do for you. >>> >>> Please realize that imagefactory is plugin based. Our current OS >>> plugins pretty much just wrap Oz. The Cloud plugins take the >>> resulting OS images and manage whatever needs to be done to prepare >>> them for and push them to the cloud. If all you want is Openstack, >>> then only install the Openstack cloud plugin. This was done precisely >>> to decouple different areas of the code and make it easier for >>> developers focused on a specific OS or a specific cloud to work on >>> supporting that OS or cloud. For the user it allows imagefactory to >>> be as focused or as flexible as needed. >> >> One thing that might be useful would be to have IF/Oz utilize an >> OpenStack VM to do the image building vs. using a standalone kvm host. >> Is this something that could be done? > > The short answer is "Probably, with modifications." > > Oz uses libvirt and has some baked in assumptions about talking to a > local KVM or emulated QEMU machine. We could likely tease these out and > use a VM provided by Nova. JRD asked me a couple of days ago to look > into this in more detail. I've yet to do so. Apologies. A further > complication is that both Oz and Factory make fairly heavy use of > libguestfs, which also benefits from fast local virt and cannot easily > be offloaded to an external VM. > > Another potential short answer is "Yes, effortlessly, if you can provide > a VM container that enables nested virt." Interesting. I wonder if that's a good reason to provide a nested virt capable host type in Nova so that you can restrict where your VM is scheduled by that constraint? Russell, is that crazy? > This would require a manual bootstrap of the utility image containing > Factory/Oz. However, once in place this presents some intriguing > options for horizontal scaling. An "image building 'deployable'" > perhaps? Sounds like you're all over it. I wasn't sure if jrd had talked to you about this or not. Cheers :) From pmyers at redhat.com Thu Dec 6 03:35:16 2012 From: pmyers at redhat.com (Perry Myers) Date: Wed, 05 Dec 2012 22:35:16 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> Message-ID: <50C01274.5070803@redhat.com> On 12/05/2012 06:24 PM, Heron, Rodrique (CTR) WDC31 wrote: > -----Original Message----- > From: Steve Loranz [mailto:sloranz at redhat.com] > Sent: Wednesday, December 05, 2012 5:34 PM > To: Heron, Rodrique (CTR) WDC31 > Cc: Perry Myers; daniel at dumdan.com; rhos-list at redhat.com; Ohad Levy; Ian McLeod; John R. Dunning; Angus Salkeld; Steven Hardy; Zane Bitter > Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event > >> If anyone got a work script that uses OZ to build, then push images into Glance, please share. > > This is exactly what imagefactory will do for you. > > Please realize that imagefactory is plugin based. Our current OS plugins pretty much just wrap Oz. The Cloud plugins take the resulting OS images and manage whatever needs to be done to prepare them for and push them to the cloud. If all you want is Openstack, then only install the Openstack cloud plugin. This was done precisely to decouple different areas of the code and make it easier for developers focused on a specific OS or a specific cloud to work on supporting that OS or cloud. For the user it allows imagefactory to be as focused or as flexible as needed. > > -steve > > Steve/Ian > > Thanks for the pointers, I did look into Image Factory. But decided > to use OZ because I wasn't sure if Image Factory was Aelous and I did > not want aleous. Is there another source for information on using > Image Factory the way you describe. Image Factory is part of the Aeolus project, but it is not == Aeolus. It is just one of many components that make up that infrastructure. That being said, I see no reason why Image Factory couldn't be used outside of Aeolus in the way we're discussing here. So no need to steer clear of IF just because it's part of the Aeolus project :) From daniel at dumdan.com Thu Dec 6 05:26:51 2012 From: daniel at dumdan.com (Daniel Dumitriu) Date: Thu, 06 Dec 2012 00:26:51 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <20121205234752.GB2394@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <1354746245.3140.116.camel@camelot.ddse.ca> <20121205234752.GB2394@redhat.com> Message-ID: <1354771611.3140.304.camel@camelot.ddse.ca> Hey, Angus, It's really good to see somebody with a "Heat bias". The heavier, the better! Your last point is really interesting, because it expresses what I meant by "Heat managing/orchestrating" the aggregation of profiles... I wouldn't call the generic Heat target "an application" but, rather, a "Heat system" or "Heat environment" or... any other name for "Instantiated Infrastructure Architecture Patterns". In any case, if I understood you correctly, Heat is, already, headed in that direction. (Note to self: Must look into Heat...) I'm sure I shouldn't be speaking for Ohad, but I worked a bit with Foreman (struggled would be more accurate, partly due to my stubbornness) and I could, at least, say that no, Foreman is, definitely not, focused on "bare metal". At least in the most recent "incarnations" Foreman's goal is to manage complex Puppet-based configurations. The bare-metal is there, but pretty well defined (read: almost a plugin) and used as a means to the goal. I do like it because of that, and the fact that it has a rather uniform approach to provisioning. I ran into Foreman because of my attempts to parametrize and script RHOS: I needed an API-enabled, maybe script-able, solution to deploy the hardware OpenStack components. It looked like Foreman could, eventually, fit such a bill. There's one other thing that haunts me: too many people are reluctant to take my (or anyone else's) word that virtual environments will provide the same performance or security as the bare-metal. So, over time, I created my own definition for "hybrid cloud": a cloud comprised of both virtual and physical machines. This is completely different from the "mixed" or "heterogeneous" cloud, which spans private and public cloud deployments. As for Image Factory - I know nothing of it and should, maybe, look "into it". However, whatever framework is used to create the images, we may reach a point where we actually want to provide a dedicated, kvm-capable, machine(s?) that can be shared between tenants, with some kind of stateless image generating sessions. More or less, what Perry was suggesting (but without specific scheduling). Ok, enough, for now. (And apologies to everyone of a different persuasion - in the last year or so, *for me*, if it's virtual, it has to be KVM) Daniel -- ___________ Daniel Dumitriu daniel at dumdan.com Telephone: +1-416-626-9345 Mobile: +1-416-318-2487 -----Original Message----- From: Angus Salkeld To: Daniel Dumitriu Cc: Perry Myers , Heron, Rodrique (CTR) WDC31 , rhos-list at redhat.com , Ohad Levy , Ian McLeod , Steve Loranz , John R. Dunning , Steven Hardy , Zane Bitter Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event Date: Thu, 6 Dec 2012 10:47:52 +1100 On 05/12/12 17:24 -0500, Daniel Dumitriu wrote: >Hi,... everyone! > >Well, all this sounds very interesting... > >Because I am, actually, using Oz to create my images for Nova... Of >course, that doesn't say much because it's, still, a manual process with >no integration. > >Perry, this is how things may happen, eventually - and I could be wrong >(I'm known to do that, a lot): > >- somebody (Oz ?) creates images for VMs AND kickstarts for physicals; >- somebody (Foreman ?) provisions physicals; >- somebody (Foreman ? Heat ?) manages server profiles (templates ?); >- somebody (Nova with Glance) provisions VMs; >- somebody (Heat?) manages/orchestrates the aggregation of > profiles (templates) and pushes them as schedules to Nova or > Foreman... > >Except... there's a lot of overlapping, which it is understandable, >given the origins of each project. Yea, there is a heap of overlap. All are trying to focus on something a bit different. - I believe Foreman is focused on baremetal (I am not up-to-date on the project tho') - ImageFactory and Aeolus is focused on being cloud neutral - Heat is focused on tight integration with OpenStack. I have a bias (Heat developer:) - With heat you _could_ (if you used bleading edge OpenStack) use OpenStack baremetal feature to deploy directly to baremetal (not vm's). (Some of our users are trying to get this to work). - You definitely can use Puppet with CloudFormation templates: https://s3.amazonaws.com/cloudformation-templates-us-east-1/puppet-master-configuration.template https://s3.amazonaws.com/cloudformation-templates-us-east-1/wordpress-via-puppet-client.template https://s3.amazonaws.com/cloudformation-templates-us-east-1/wordpress-via-puppet-client-building-block.template - One thing to add to this is Heat will do more than just provision the vm. You can setup a true Virtual application with networking, objectstore, volume, loadbalancer, autoscaling (soon DNSaas) resources. Current resources: https://github.com/openstack/heat/tree/master/heat/engine/resources -Angus > >By the way, I keep insisting on Foreman because (despite the trouble I >have with it) it holds the promise of a "real cloud": one that's not >exclusively virtualized. >Also it looks like it is the only one that's focused on managing Puppet >configurations (though Heat might, as well). >Data center operations it would be benefiting a lot from the >streamlining of such an approach (IMHO). > >(And I am sooo sorry I cannot dedicate more time and effort to pushing >this stuff forward - my day job, you know...) > >Thanks, > >Daniel > >-- >___________ >Daniel Dumitriu >daniel at dumdan.com >Telephone: +1-416-626-9345 >Mobile: +1-416-318-2487 > > >-----Original Message----- >From: Perry Myers >To: Heron, Rodrique (CTR) WDC31 >Cc: daniel at dumdan.com , rhos-list at redhat.com >, Ohad Levy , Ian McLeod >, Steve Loranz , John R. Dunning >, Angus Salkeld , Steven Hardy >, Zane Bitter >Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event >Date: Wed, 05 Dec 2012 15:28:16 -0500 > >Hi Rodrique and Daniel, > >On 12/05/2012 02:08 PM, Heron, Rodrique (CTR) WDC31 wrote: >> I missed the event. > >It's actually just recorded presentations, and they are available for 90 >days I believe. So you may still be able to register for the event and >listen to the presentations for a while. > >> I am using Foreman, and it would be nice to use Foreman to build images and push them to glance. > >Right, so today Foreman just takes images that already exist and what >you're looking for is a feature enhancement to Foreman that would >integrate with something like Image Factory or Oz to build new VM images >from source media and then push those images into Glance. Do I have >that right? > >> - >> Rodrique Heron >> >> -----Original Message----- >> From: rhos-list-bounces at redhat.com [mailto:rhos-list-bounces at redhat.com] On Behalf Of Daniel Dumitriu >> Sent: Wednesday, December 05, 2012 1:54 PM >> To: Perry Myers >> Cc: rhos-list at redhat.com >> Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event >> >> This is just a repeat of the comment/question I left in "The Lounge" of the Event: > >Apologies for not being in the lounge today to take the questions live. > I had another commitment and couldn't attend. > >> == >> Thanks, Perry, for the OpenStack presentation. >> Inciting, to say the least. >> Question: At various points, you did mention "Heat" as an upstream >> project. Could you be more specific on the provisioning side of >> things ? > >It's a service similar to Cloud Formations in Amazon AWS. It provides >the ability to define a template that describes multiple VMs working in >concert. So you would define a template with 1 or more VM definitions, >and then tell Heat to launch that template. Heat then uses the >OpenStack Nova APIs to launch the VMs in the proper order, waiting for >things like dependencies in one VM before launching the 2nd. > >I've included some of the Heat folks on this thread. I'm sure they can >do better justice to your question than I could :) > >> It would be interesting, for example, to see what could happen if >> "Foreman" would be used to "provision the Cloud". Especially for a >> "private hybrid cloud" that includes both VMs and hardware servers. > >Foreman could definitely be used for both bare metal server provisioning >for OpenStack core services and Compute Nodes while also being used to >provision the VMs that will be in the cloud. I thought that Ohad >(Foreman creator/maintainer) had done some integration work (or maybe it >was just planned) to better integrate Foreman w/ OpenStack from a guest >provisioning perspective (using Fog as an abstraction layer I think) > >Ohad, any additional thoughts here? > >Perry > From shardy at redhat.com Thu Dec 6 10:50:29 2012 From: shardy at redhat.com (Steven Hardy) Date: Thu, 6 Dec 2012 10:50:29 +0000 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <1354771611.3140.304.camel@camelot.ddse.ca> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <1354746245.3140.116.camel@camelot.ddse.ca> <20121205234752.GB2394@redhat.com> <1354771611.3140.304.camel@camelot.ddse.ca> Message-ID: <20121206105028.GC10416@heatlt.redhat.com> On Thu, Dec 06, 2012 at 12:26:51AM -0500, Daniel Dumitriu wrote: > Hey, Angus, > > It's really good to see somebody with a "Heat bias". The heavier, the > better! > > Your last point is really interesting, because it expresses what I meant > by "Heat managing/orchestrating" the aggregation of profiles... > > I wouldn't call the generic Heat target "an application" but, rather, a > "Heat system" or "Heat environment" or... any other name for > "Instantiated Infrastructure Architecture Patterns". The terminology we use is "stack", borrowed from AWS Cloudformation which uses the same term for template-defined-infrastructure. > In any case, if I understood you correctly, Heat is, already, headed in > that direction. > > (Note to self: Must look into Heat...) If you're interested in an overview/introduction, you may like to look at the slides for the presentation I gave at the EMEA openstack day yesterday: http://people.redhat.com/~shardy/heat/emea-openstack-day-2012-12/shardy_emea_openstack_day_notes.pdf I also have some screencast demos, but I need to do some editing and record an audio narration, will try to get that done this week. Steve (also a Heat developer :) From nicolas.vogel at heig-vd.ch Thu Dec 6 10:56:51 2012 From: nicolas.vogel at heig-vd.ch (Vogel Nicolas) Date: Thu, 6 Dec 2012 10:56:51 +0000 Subject: [rhos-list] keystone or dashboard problem? Message-ID: Hi, I've just made a new install with the latest version of the < RedHat getting started guide with Openstack Folsom > Revision 1.0-2. I'm using CentOS 6.3 for this install. After installing Openstack-keystone, I'm unable to perform "keystone user-list" and "keystone token-get". I have sourced the keystonerc_username file but the system says "Expecting an endpoint provided via either --endpoint or env[SERVICE_ENDPOINT]". When I'm explicitly given the endpoint in the command line, the output is "Configuration error: Client configured to run without a service catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint or OS_SERVICE_ENDPOINT, for example." But the OS_AUTH_URL is configured in my keystonerc_username file so I don't understand why the system asks for it. I can then all the installation steps without problems, but after I given my credentials in the dashboard login page (admin/secret or username/secret), I got "Internal Server Error". Is that linked with the first problem from Keystone? I'm searching for more information in logs but currently I found no answer to my questions. Thanks for help, Nicolas Vogel Institut for Information and Communication Technologies University of Applied Sciences - Western Switzerland -------------- next part -------------- An HTML attachment was scrubbed... URL: From shardy at redhat.com Thu Dec 6 10:22:58 2012 From: shardy at redhat.com (Steven Hardy) Date: Thu, 6 Dec 2012 10:22:58 +0000 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <50C01274.5070803@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <3907DB65-E395-434B-AC0B-1ACC63CE2664@redhat.com> <50C01274.5070803@redhat.com> Message-ID: <20121206102257.GB10416@heatlt.redhat.com> On Wed, Dec 05, 2012 at 10:35:16PM -0500, Perry Myers wrote: > On 12/05/2012 06:24 PM, Heron, Rodrique (CTR) WDC31 wrote: > > -----Original Message----- > > From: Steve Loranz [mailto:sloranz at redhat.com] > > Sent: Wednesday, December 05, 2012 5:34 PM > > To: Heron, Rodrique (CTR) WDC31 > > Cc: Perry Myers; daniel at dumdan.com; rhos-list at redhat.com; Ohad Levy; Ian McLeod; John R. Dunning; Angus Salkeld; Steven Hardy; Zane Bitter > > Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event > > > >> If anyone got a work script that uses OZ to build, then push images into Glance, please share. If all you want is a script, rather than an image-building-service, then heat has a python utility which will build an image from an oz TDL then push it to glance: https://github.com/heat-api/heat-jeos > > This is exactly what imagefactory will do for you. > > > > Please realize that imagefactory is plugin based. Our current OS plugins pretty much just wrap Oz. The Cloud plugins take the resulting OS images and manage whatever needs to be done to prepare them for and push them to the cloud. If all you want is Openstack, then only install the Openstack cloud plugin. This was done precisely to decouple different areas of the code and make it easier for developers focused on a specific OS or a specific cloud to work on supporting that OS or cloud. For the user it allows imagefactory to be as focused or as flexible as needed. > > > > -steve > > > > Steve/Ian > > > > Thanks for the pointers, I did look into Image Factory. But decided > > to use OZ because I wasn't sure if Image Factory was Aelous and I did > > not want aleous. Is there another source for information on using > > Image Factory the way you describe. > > Image Factory is part of the Aeolus project, but it is not == Aeolus. > It is just one of many components that make up that infrastructure. > > That being said, I see no reason why Image Factory couldn't be used > outside of Aeolus in the way we're discussing here. So no need to steer > clear of IF just because it's part of the Aeolus project :) I met Martyn Taylor recently at the aeolus dev-conf and we ended up discussing the possible use-case of imagefactory for openstack. We worked up a PoC which demonstrates the existing imagefactory OpenstackCloud plugin capability[1] integrated with a modified version of horizon[2], so you can do build the image via horizon and it automagically ends up in glance. I made an initial screencast demo, but I know Martyn is working on an improved screencast which will soon be sent out to the lists (Martyn, added on Cc can provide more info) As Ian has already mentioned, there are some scalablity and performance issues to be addressed, but it does work :) [1] - With a couple of tweaks : https://github.com/aeolusproject/imagefactory/pull/182 [2] - https://github.com/mtaylor/horizon Steve From vaibhav.k.agarwal at in.com Thu Dec 6 12:26:42 2012 From: vaibhav.k.agarwal at in.com (Kumar Vaibhav) Date: Thu, 06 Dec 2012 17:56:42 +0530 Subject: [rhos-list] Keystone user authentication with existing LDAP Message-ID: <1354796802.5c5bc7df3d37b2a7ea29e1b47b2bd4ab@mail.in.com> Hi,I want to authenticate my users with existing OpenLDAP server. It already have the username and password for users. I use this OpenLDAP server for authenticating Linux servers in the network.Is it possible to keep only user information in LDAP.?Since my LDAP server do not have Role, Group,and other Tree DN available, I want these to be stored in database only. I should have used Only DB also but the problem is my OpenLDAP server has passwords encrypted in MD5.Regards,VaibhavGet Yourself a cool, short @in.com Email ID now! -------------- next part -------------- An HTML attachment was scrubbed... URL: From bkearney at redhat.com Thu Dec 6 12:58:28 2012 From: bkearney at redhat.com (Bryan Kearney) Date: Thu, 06 Dec 2012 07:58:28 -0500 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <20121205234752.GB2394@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <1354746245.3140.116.camel@camelot.ddse.ca> <20121205234752.GB2394@redhat.com> Message-ID: <50C09674.40504@redhat.com> On 12/05/2012 06:47 PM, Angus Salkeld wrote: > On 05/12/12 17:24 -0500, Daniel Dumitriu wrote: >> Hi,... everyone! >> >> Well, all this sounds very interesting... >> >> Because I am, actually, using Oz to create my images for Nova... Of >> course, that doesn't say much because it's, still, a manual process with >> no integration. >> >> Perry, this is how things may happen, eventually - and I could be wrong >> (I'm known to do that, a lot): >> >> - somebody (Oz ?) creates images for VMs AND kickstarts for physicals; >> - somebody (Foreman ?) provisions physicals; >> - somebody (Foreman ? Heat ?) manages server profiles (templates ?); >> - somebody (Nova with Glance) provisions VMs; >> - somebody (Heat?) manages/orchestrates the aggregation of >> profiles (templates) and pushes them as schedules to Nova or >> Foreman... >> >> Except... there's a lot of overlapping, which it is understandable, >> given the origins of each project. > > > Yea, there is a heap of overlap. All are trying to focus on something > a bit different. > - I believe Foreman is focused on baremetal (I am not up-to-date on the > project tho') > - ImageFactory and Aeolus is focused on being cloud neutral > - Heat is focused on tight integration with OpenStack. Speaking for Ohad... I would go that Foreman is about build based provisioning on top of a JeOS, either in bare metal or in the cloud. How that JeOs gets there (kickstart, image, jumpstart) is not really relevant. Today, Fog is used to communicate with virt backends. I think they are about 10 lines away from OpenStack support right now. -- bk From eglynn at redhat.com Thu Dec 6 13:10:50 2012 From: eglynn at redhat.com (Eoghan Glynn) Date: Thu, 6 Dec 2012 08:10:50 -0500 (EST) Subject: [rhos-list] OpenStack Ireland user group meetup in Cork, Dec 6th In-Reply-To: <902660878.19858643.1354799279553.JavaMail.root@redhat.com> Message-ID: <1462349180.19859153.1354799450868.JavaMail.root@redhat.com> Folks, Late notice I know, but just a quick heads-up that we'll have a Red Hat presence at the OpenStack Ireland user group meetup[1] in Cork on Dec 6th. I'll be presenting on emerging OpenStack initiatives around measurement, abstract follows ... Cheers, Eoghan What's going on in your Stack? Surfacing visibility onto the usage patterns, performance and internal dynamics of an OpenStack deployment is crucial to cloud operators. At the same time, users often need to be aware of the state of their cloud resources and to trigger notifications or scaling actions when certain thresholds are hit. Eoghan will explain how the OpenStack community is grappling with these challenges, and give the background to a number of emerging initiatives addressing related metering, monitoring and instrumentation concerns. [1] http://www.meetup.com/OpenStack-Ireland/events/92413652/ From ayoung at redhat.com Thu Dec 6 14:33:55 2012 From: ayoung at redhat.com (Adam Young) Date: Thu, 06 Dec 2012 09:33:55 -0500 Subject: [rhos-list] Keystone user authentication with existing LDAP In-Reply-To: <1354796802.5c5bc7df3d37b2a7ea29e1b47b2bd4ab@mail.in.com> References: <1354796802.5c5bc7df3d37b2a7ea29e1b47b2bd4ab@mail.in.com> Message-ID: <50C0ACD3.6050202@redhat.com> On 12/06/2012 07:26 AM, Kumar Vaibhav wrote: > Hi, > > I want to authenticate my users with existing OpenLDAP server. It > already have the username and password for users. > I use this OpenLDAP server for authenticating Linux servers in the > network. > > Is it possible to keep only user information in LDAP.? Not yet, sorry. > > Since my LDAP server do not have Role, Group, and other Tree DN > available, I want these to be stored in database only. Can you not modify the LDAP schema? These are trivial to maintain in LDAP. Or, are you not going to be modifying the User list? One thing you can try is to sync the user list over to the SQL Database without passwords, run Keystone in apache and use mod_auth_ldap to log in. It is an untested configuration, but it should work. > > I should have used Only DB also but the problem is my OpenLDAP server > has passwords encrypted in MD5. > > Regards, > Vaibhav > > > Get Yourself a cool, short *@in.com* Email ID now! > > > > _______________________________________________ > rhos-list mailing list > rhos-list at redhat.com > https://www.redhat.com/mailman/listinfo/rhos-list -------------- next part -------------- An HTML attachment was scrubbed... URL: From vaibhav.k.agarwal at in.com Thu Dec 6 15:25:44 2012 From: vaibhav.k.agarwal at in.com (Kumar Vaibhav) Date: Thu, 06 Dec 2012 20:55:44 +0530 Subject: [rhos-list] Keystone user authentication with existing LDAP Message-ID: <1354807544.09c6c3783b4a70054da74f2538ed47c6@mail.in.com> On 12/06/2012 07:26 AM, Kumar Vaibhavwrote:Hi,I want to authenticate my users with existing OpenLDAP server. Italready have the username and password for users. I use this OpenLDAP server for authenticating Linux servers in thenetwork.Is it possible to keep only user information in LDAP.? Not yet, sorry.Since my LDAP server do not have Role, Group, and other Tree DNavailable, I want these to be stored in database only.Can you not modify the LDAP schema?These are trivial to maintain in LDAP.Or, are you not going to be modifying the User list?Yes I don't want to modify the user list or their Attributes. This LDAP server is managed by other system.One thing you can try is to sync the user list over to the SQL Database without passwords, run Keystone in apache and use modauthldap to log in.It is an untested configuration, but it should work.It is easy for me to sync the user name and password from the LDAP to MySQL DB. But the password I have in LDAP is MD5 encrypted. OpenstackKe ystone uses other encryption algorithm. Is it possible to use MD5 as encryption method for keystone? I should have used Only DB also but the problem is my OpenLDAPserver has passwords encrypted in MD5.Regards,VaibhavGet Yourself a cool, short @in.com Email ID now! rhoslist mailing list rhoslist at redhat.com https://www.redhat.com/mailman/listinfo/rhoslistGet Yourself a cool, short @in.com Email ID now! -------------- next part -------------- An HTML attachment was scrubbed... URL: From sloranz at redhat.com Thu Dec 6 15:27:11 2012 From: sloranz at redhat.com (Steve Loranz) Date: Thu, 6 Dec 2012 09:27:11 -0600 Subject: [rhos-list] Optimizing IT: Red Hat Virtual Event In-Reply-To: <50C01274.5070803@redhat.com> References: <50BE6DF2.9010200@redhat.com> <1354733632.3140.74.camel@camelot.ddse.ca> <50BFAE60.2010700@redhat.com> <50C01274.5070803@redhat.com> Message-ID: On Dec 5, 2012, at 9:35 PM, Perry Myers wrote: > On 12/05/2012 06:24 PM, Heron, Rodrique (CTR) WDC31 wrote: >> -----Original Message----- >> From: Steve Loranz [mailto:sloranz at redhat.com] >> Sent: Wednesday, December 05, 2012 5:34 PM >> To: Heron, Rodrique (CTR) WDC31 >> Cc: Perry Myers; daniel at dumdan.com; rhos-list at redhat.com; Ohad Levy; Ian McLeod; John R. Dunning; Angus Salkeld; Steven Hardy; Zane Bitter >> Subject: Re: [rhos-list] Optimizing IT: Red Hat Virtual Event >> >>> If anyone got a work script that uses OZ to build, then push images into Glance, please share. >> >> This is exactly what imagefactory will do for you. >> >> Please realize that imagefactory is plugin based. Our current OS plugins pretty much just wrap Oz. The Cloud plugins take the resulting OS images and manage whatever needs to be done to prepare them for and push them to the cloud. If all you want is Openstack, then only install the Openstack cloud plugin. This was done precisely to decouple different areas of the code and make it easier for developers focused on a specific OS or a specific cloud to work on supporting that OS or cloud. For the user it allows imagefactory to be as focused or as flexible as needed. >> >> -steve >> >> Steve/Ian >> >> Thanks for the pointers, I did look into Image Factory. But decided >> to use OZ because I wasn't sure if Image Factory was Aelous and I did >> not want aleous. Is there another source for information on using >> Image Factory the way you describe. > > Image Factory is part of the Aeolus project, but it is not == Aeolus. > It is just one of many components that make up that infrastructure. > > That being said, I see no reason why Image Factory couldn't be used > outside of Aeolus in the way we're discussing here. So no need to steer > clear of IF just because it's part of the Aeolus project :) In fact, we are trying to be considered independent of Aeolus as we have no dependencies from the Aeolus project. We recently launched http://imgfac.org to develop our own identity and community. There, you can find an evolving collection of documentation for installing and using imagefactory (http://imgfac.org/documentation). I'm trying to get a non-RPM install working now to make it easier to get started on a system other than RHEL/Fedora (Ubuntu being the current focus). -steve From vaibhav.k.agarwal at in.com Thu Dec 6 15:31:14 2012 From: vaibhav.k.agarwal at in.com (Kumar Vaibhav) Date: Thu, 06 Dec 2012 21:01:14 +0530 Subject: [rhos-list] Keystone user authentication with existing LDAP Message-ID: <1354807874.bac49b876d5dfc9cd169c22ef5178ca7@mail.in.com> Original message From:"Adam Young"< ayoung at redhat.com >Date: 6 Dec 12 20:05:14Subject: Re: [rhoslist] Keystone user authentication with existing LDAPTo: rhoslist at redhat.com On 12/06/2012 07:26 AM, Kumar Vaibhavwrote:Hi,I want to authenticate my users with existing OpenLDAP server. Italready have the username and password for users. I use this OpenLDAP server for authenticating Linux servers in thenetwork.Is it possible to keep only user information in LDAP.? Not yet, sorry.Since my LDAP server do not have Role, Group, and other Tree DNavailable, I want these to be stored in database only. >> Can you not modify the LDAP schema? These are trivial to maintainin LDAP.>> Or, are you not going to be modifying the User list?Yes I don't want to modify the user list or their Attributes. This LDAP server is managed by other system.>> One thing you can try is to sync the user list over to the SQLDatabase without passwords, run Keystone in apache and usemodauthldap to log in. It is an u ntested configuration, but itshould work.It is easy for me to sync the user name andpassword from the LDAP to MySQL DB. But the password I have in LDAP isMD5 encrypted. OpenstackKeystone uses other encryption algorithm. Is it possible to use MD5 as encryption method for keystone? I should have used Only DB also but the problem is my OpenLDAPserver has passwords encrypted in MD5.Regards,VaibhavGet Yourself a cool, short @in.com Email ID now! rhoslist mailing list rhoslist at redhat.com https://www.redhat.com/mailman/listinfo/rhoslistGet Yourself a cool, short @in.com Email ID now! -------------- next part -------------- An HTML attachment was scrubbed... URL: From mrunge at redhat.com Fri Dec 7 09:28:18 2012 From: mrunge at redhat.com (Matthias Runge) Date: Fri, 07 Dec 2012 10:28:18 +0100 Subject: [rhos-list] keystone or dashboard problem? In-Reply-To: References: Message-ID: <50C1B6B2.5020004@redhat.com> On 12/06/2012 11:56 AM, Vogel Nicolas wrote: > Hi, > > > > I?ve just made a new install with the latest version of the ? RedHat > getting started guide with Openstack Folsom ? Revision 1.0-2. > > I?m using CentOS 6.3 for this install. > > > > After installing Openstack-keystone, I?m unable to perform ?keystone > user-list? and ?keystone token-get?. I have sourced the > keystonerc_username file but the system says ?Expecting an endpoint > provided via either --endpoint or env[SERVICE_ENDPOINT]?. When I?m > explicitly given the endpoint in the command line, the output is > ?Configuration error: Client configured to run without a service > catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead of > --os-endpoint or OS_SERVICE_ENDPOINT, for example.? > > But the OS_AUTH_URL is configured in my keystonerc_username file so I > don?t understand why the system asks for it. > > > > I can then all the installation steps without problems, but after I > given my credentials in the dashboard login page (admin/secret or > username/secret), I got ?Internal Server Error?. > > > > Is that linked with the first problem from Keystone? > Hi, speaking for dashboard: dashboard reads its configuration from keystone, so a working keystone is required to be able to use horizon. So, yes, your horizon problems should be directly linked to your keystone issues. Matthias > > > I?m searching for more information in logs but currently I found no > answer to my questions. > > > > Thanks for help, > > > > *Nicolas Vogel* > > *Institut for Information and Communication Technologies* > > *University of Applied Sciences ? Western Switzerland* > > > > _______________________________________________ > rhos-list mailing list > rhos-list at redhat.com > https://www.redhat.com/mailman/listinfo/rhos-list > From nicolas.vogel at heig-vd.ch Fri Dec 7 13:16:25 2012 From: nicolas.vogel at heig-vd.ch (Vogel Nicolas) Date: Fri, 7 Dec 2012 13:16:25 +0000 Subject: [rhos-list] keystone or dashboard problem? In-Reply-To: <50C1B6B2.5020004@redhat.com> References: <50C1B6B2.5020004@redhat.com> Message-ID: Thanks for your answer, Did you have any idea why Keystone is "expecting an endpoint provided via either --endpoint or env[SERVICE_ENDPOINT]"? When I'm trying the following command: "keystone --os-endpoint http://10.192.75.242:5000/v2.0 token-get", I get "Configuration error: Client configured to run without a service catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint or OS_SERVICE_ENDPOINT, for example." The OS_AUTH_URL is configured in my keystonerc_username file and I sourced it successfully. I didn't had this problem when I made the installation with CentOS 6.2. Currently I'm working with CentOS 6.3. Thank's for answers and ideas to fix the problem. Regards, Nicolas. -----Original Message----- From: rhos-list-bounces at redhat.com [mailto:rhos-list-bounces at redhat.com] On Behalf Of Matthias Runge Sent: vendredi 7 d?cembre 2012 10:28 To: rhos-list at redhat.com Subject: Re: [rhos-list] keystone or dashboard problem? On 12/06/2012 11:56 AM, Vogel Nicolas wrote: > Hi, > > > > I've just made a new install with the latest version of the ? RedHat > getting started guide with Openstack Folsom ? Revision 1.0-2. > > I'm using CentOS 6.3 for this install. > > > > After installing Openstack-keystone, I'm unable to perform "keystone > user-list" and "keystone token-get". I have sourced the > keystonerc_username file but the system says "Expecting an endpoint > provided via either --endpoint or env[SERVICE_ENDPOINT]". When I'm > explicitly given the endpoint in the command line, the output is > "Configuration error: Client configured to run without a service > catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead of > --os-endpoint or OS_SERVICE_ENDPOINT, for example." > > But the OS_AUTH_URL is configured in my keystonerc_username file so I > don't understand why the system asks for it. > > > > I can then all the installation steps without problems, but after I > given my credentials in the dashboard login page (admin/secret or > username/secret), I got "Internal Server Error". > > > > Is that linked with the first problem from Keystone? > Hi, speaking for dashboard: dashboard reads its configuration from keystone, so a working keystone is required to be able to use horizon. So, yes, your horizon problems should be directly linked to your keystone issues. Matthias > > > I'm searching for more information in logs but currently I found no > answer to my questions. > > > > Thanks for help, > > > > *Nicolas Vogel* > > *Institut for Information and Communication Technologies* > > *University of Applied Sciences - Western Switzerland* > > > > _______________________________________________ > rhos-list mailing list > rhos-list at redhat.com > https://www.redhat.com/mailman/listinfo/rhos-list > _______________________________________________ rhos-list mailing list rhos-list at redhat.com https://www.redhat.com/mailman/listinfo/rhos-list From derekh at redhat.com Fri Dec 7 13:36:49 2012 From: derekh at redhat.com (Derek Higgins) Date: Fri, 07 Dec 2012 13:36:49 +0000 Subject: [rhos-list] keystone or dashboard problem? In-Reply-To: <50C1EE94.3010208@matthias-runge.de> References: <50C1B6B2.5020004@redhat.com> <50C1EE94.3010208@matthias-runge.de> Message-ID: <50C1F0F1.2030405@redhat.com> On 12/07/2012 01:26 PM, Matthias Runge wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 12/07/2012 02:16 PM, Vogel Nicolas wrote: >> Thanks for your answer, >> >> Did you have any idea why Keystone is "expecting an endpoint >> provided via either --endpoint or env[SERVICE_ENDPOINT]"? >> >> When I'm trying the following command: "keystone --os-endpoint >> http://10.192.75.242:5000/v2.0 token-get", I get "Configuration >> error: Client configured to run without a service catalog. Run the >> client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint >> or OS_SERVICE_ENDPOINT, for example." The OS_AUTH_URL is configured >> in my keystonerc_username file and I sourced it successfully. I >> didn't had this problem when I made the installation with CentOS >> 6.2. Currently I'm working with CentOS 6.3. >> >> Thank's for answers and ideas to fix the problem. >> >> Regards, Nicolas. >> > > I've made a file containing something like that: > export OS_USERNAME=admin > export OS_PASSWORD=xxxxxxxxxxx > export OS_TENANT_NAME=admin > export OS_AUTH_URL=http://127.0.0.1:35357/v2.0/ > > Every time, when I'm using keystone (or other OpenStack command line > tools), I'm sourcing that file for my session once. But: That is not > sourced automatically, I'm doing that by hand. Hi Nicolas, I think your original error is displayed if you have one of SERVICE_TOKEN or SERVICE_ENDPOINT in your environment but not both, they are intended to be used together. Also you should use these or the OS_* environment variables but not both. Can you make sure you have removed the SERVICE_TOKEN and SERVICE_ENDPOINT variables from your shell environment. $ unset SERVICE_TOKEN $ unset SERVICE_ENDPOINT and that you have defined the 4 OS_ variables that Matthias mentioned thanks, Derek. > > That's it. > > Cheers, > Matthias >> -----Original Message----- From: rhos-list-bounces at redhat.com >> [mailto:rhos-list-bounces at redhat.com] On Behalf Of Matthias Runge >> Sent: vendredi 7 d?cembre 2012 10:28 To: rhos-list at redhat.com >> Subject: Re: [rhos-list] keystone or dashboard problem? >> >> On 12/06/2012 11:56 AM, Vogel Nicolas wrote: >>> Hi, >>> >>> >>> >>> I've just made a new install with the latest version of the ? >>> RedHat getting started guide with Openstack Folsom ? Revision >>> 1.0-2. >>> >>> I'm using CentOS 6.3 for this install. >>> >>> >>> >>> After installing Openstack-keystone, I'm unable to perform >>> "keystone user-list" and "keystone token-get". I have sourced the >>> keystonerc_username file but the system says "Expecting an >>> endpoint provided via either --endpoint or >>> env[SERVICE_ENDPOINT]". When I'm explicitly given the endpoint in >>> the command line, the output is "Configuration error: Client >>> configured to run without a service catalog. Run the client using >>> --os-auth-url or OS_AUTH_URL, instead of --os-endpoint or >>> OS_SERVICE_ENDPOINT, for example." >>> >>> But the OS_AUTH_URL is configured in my keystonerc_username file >>> so I don't understand why the system asks for it. >>> >>> >>> >>> I can then all the installation steps without problems, but after >>> I given my credentials in the dashboard login page (admin/secret >>> or username/secret), I got "Internal Server Error". >>> >>> >>> >>> Is that linked with the first problem from Keystone? >>> >> >> Hi, >> >> speaking for dashboard: >> >> dashboard reads its configuration from keystone, so a working >> keystone is required to be able to use horizon. >> >> So, yes, your horizon problems should be directly linked to your >> keystone issues. >> >> Matthias >>> >>> >>> I'm searching for more information in logs but currently I found >>> no answer to my questions. >>> >>> >>> >>> Thanks for help, >>> >>> >>> >>> *Nicolas Vogel* >>> >>> *Institut for Information and Communication Technologies* >>> >>> *University of Applied Sciences - Western Switzerland* >>> >>> >>> >>> _______________________________________________ rhos-list mailing >>> list rhos-list at redhat.com >>> https://www.redhat.com/mailman/listinfo/rhos-list >>> >> >> _______________________________________________ rhos-list mailing >> list rhos-list at redhat.com >> https://www.redhat.com/mailman/listinfo/rhos-list >> _______________________________________________ cloud mailing list >> cloud at lists.fedoraproject.org >> https://admin.fedoraproject.org/mailman/listinfo/cloud >> > > > - -- > Matthias Runge > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.12 (GNU/Linux) > Comment: Using GnuPG with undefined - http://www.enigmail.net/ > > iQEcBAEBAgAGBQJQwe6PAAoJEOnz8qQwcaIWsNcH/1HA5Id1O2OtakIxGYctpXRT > p5sUrta57cduHom6K9gUc9KGcQHOb+WmhlNYJ+qmnkVexcGpZjbONwKdcbaLWAa0 > iYoVQTlwBbc6dfo8KojkjYcKTMwQeelWKQVWtTgD4SVlNq2v+zh2lMF46XmR6lD4 > 1s6krFQShuN0KaITU4Lsg38G+ZPDZp8WTs2EwhaONvZmSJoOOt4ej66RLTfzd7AZ > iqREmvAgIpjGzn2hc147BfpSry9L8fhd4TlIAJqfdiL7pSzeW1iTSz1QxT0h2dwB > tBW3H3HZzbIaTNWo/5Ra1BfE7/pmkQKwdVPqH18l93lhYERK7/xPDAguek1eDKo= > =7Qi/ > -----END PGP SIGNATURE----- > _______________________________________________ > cloud mailing list > cloud at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/cloud > From mrunge at matthias-runge.de Fri Dec 7 13:26:44 2012 From: mrunge at matthias-runge.de (Matthias Runge) Date: Fri, 07 Dec 2012 14:26:44 +0100 Subject: [rhos-list] keystone or dashboard problem? In-Reply-To: References: <50C1B6B2.5020004@redhat.com> Message-ID: <50C1EE94.3010208@matthias-runge.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/07/2012 02:16 PM, Vogel Nicolas wrote: > Thanks for your answer, > > Did you have any idea why Keystone is "expecting an endpoint > provided via either --endpoint or env[SERVICE_ENDPOINT]"? > > When I'm trying the following command: "keystone --os-endpoint > http://10.192.75.242:5000/v2.0 token-get", I get "Configuration > error: Client configured to run without a service catalog. Run the > client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint > or OS_SERVICE_ENDPOINT, for example." The OS_AUTH_URL is configured > in my keystonerc_username file and I sourced it successfully. I > didn't had this problem when I made the installation with CentOS > 6.2. Currently I'm working with CentOS 6.3. > > Thank's for answers and ideas to fix the problem. > > Regards, Nicolas. > I've made a file containing something like that: export OS_USERNAME=admin export OS_PASSWORD=xxxxxxxxxxx export OS_TENANT_NAME=admin export OS_AUTH_URL=http://127.0.0.1:35357/v2.0/ Every time, when I'm using keystone (or other OpenStack command line tools), I'm sourcing that file for my session once. But: That is not sourced automatically, I'm doing that by hand. That's it. Cheers, Matthias > -----Original Message----- From: rhos-list-bounces at redhat.com > [mailto:rhos-list-bounces at redhat.com] On Behalf Of Matthias Runge > Sent: vendredi 7 d?cembre 2012 10:28 To: rhos-list at redhat.com > Subject: Re: [rhos-list] keystone or dashboard problem? > > On 12/06/2012 11:56 AM, Vogel Nicolas wrote: >> Hi, >> >> >> >> I've just made a new install with the latest version of the ? >> RedHat getting started guide with Openstack Folsom ? Revision >> 1.0-2. >> >> I'm using CentOS 6.3 for this install. >> >> >> >> After installing Openstack-keystone, I'm unable to perform >> "keystone user-list" and "keystone token-get". I have sourced the >> keystonerc_username file but the system says "Expecting an >> endpoint provided via either --endpoint or >> env[SERVICE_ENDPOINT]". When I'm explicitly given the endpoint in >> the command line, the output is "Configuration error: Client >> configured to run without a service catalog. Run the client using >> --os-auth-url or OS_AUTH_URL, instead of --os-endpoint or >> OS_SERVICE_ENDPOINT, for example." >> >> But the OS_AUTH_URL is configured in my keystonerc_username file >> so I don't understand why the system asks for it. >> >> >> >> I can then all the installation steps without problems, but after >> I given my credentials in the dashboard login page (admin/secret >> or username/secret), I got "Internal Server Error". >> >> >> >> Is that linked with the first problem from Keystone? >> > > Hi, > > speaking for dashboard: > > dashboard reads its configuration from keystone, so a working > keystone is required to be able to use horizon. > > So, yes, your horizon problems should be directly linked to your > keystone issues. > > Matthias >> >> >> I'm searching for more information in logs but currently I found >> no answer to my questions. >> >> >> >> Thanks for help, >> >> >> >> *Nicolas Vogel* >> >> *Institut for Information and Communication Technologies* >> >> *University of Applied Sciences - Western Switzerland* >> >> >> >> _______________________________________________ rhos-list mailing >> list rhos-list at redhat.com >> https://www.redhat.com/mailman/listinfo/rhos-list >> > > _______________________________________________ rhos-list mailing > list rhos-list at redhat.com > https://www.redhat.com/mailman/listinfo/rhos-list > _______________________________________________ cloud mailing list > cloud at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/cloud > - -- Matthias Runge -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQEcBAEBAgAGBQJQwe6PAAoJEOnz8qQwcaIWsNcH/1HA5Id1O2OtakIxGYctpXRT p5sUrta57cduHom6K9gUc9KGcQHOb+WmhlNYJ+qmnkVexcGpZjbONwKdcbaLWAa0 iYoVQTlwBbc6dfo8KojkjYcKTMwQeelWKQVWtTgD4SVlNq2v+zh2lMF46XmR6lD4 1s6krFQShuN0KaITU4Lsg38G+ZPDZp8WTs2EwhaONvZmSJoOOt4ej66RLTfzd7AZ iqREmvAgIpjGzn2hc147BfpSry9L8fhd4TlIAJqfdiL7pSzeW1iTSz1QxT0h2dwB tBW3H3HZzbIaTNWo/5Ra1BfE7/pmkQKwdVPqH18l93lhYERK7/xPDAguek1eDKo= =7Qi/ -----END PGP SIGNATURE----- From nicolas.vogel at heig-vd.ch Fri Dec 7 14:02:52 2012 From: nicolas.vogel at heig-vd.ch (Vogel Nicolas) Date: Fri, 7 Dec 2012 14:02:52 +0000 Subject: [rhos-list] keystone or dashboard problem? In-Reply-To: <50C1F0F1.2030405@redhat.com> References: <50C1B6B2.5020004@redhat.com> <50C1EE94.3010208@matthias-runge.de> <50C1F0F1.2030405@redhat.com> Message-ID: Thank's for all your answers, I could fix it! I created a new tenant named "admin" (don't know if the name is important) and sourced a new file with the OS_* variables after unsetting SERVICE_TOKEN and SERVICE_ENDPOINT. I didn't know that SERVICE_TOKEN and SERVICE_ENDPOINT are intended to work together. Good to know ! Another question: Is it mandatory to create a specific tenant called "Service" and adding to him a user for each Openstack-Service (nova, glance, ...). It is mentioned in the official guide but not in the RedHat Preview. Thanks, Nicolas. -----Original Message----- From: Derek Higgins [mailto:derekh at redhat.com] Sent: vendredi 7 d?cembre 2012 14:37 To: Vogel Nicolas Cc: Fedora Cloud SIG; rhos-list at redhat.com Subject: Re: [rhos-list] keystone or dashboard problem? On 12/07/2012 01:26 PM, Matthias Runge wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 12/07/2012 02:16 PM, Vogel Nicolas wrote: >> Thanks for your answer, >> >> Did you have any idea why Keystone is "expecting an endpoint provided >> via either --endpoint or env[SERVICE_ENDPOINT]"? >> >> When I'm trying the following command: "keystone --os-endpoint >> http://10.192.75.242:5000/v2.0 token-get", I get "Configuration >> error: Client configured to run without a service catalog. Run the >> client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint >> or OS_SERVICE_ENDPOINT, for example." The OS_AUTH_URL is configured >> in my keystonerc_username file and I sourced it successfully. I >> didn't had this problem when I made the installation with CentOS 6.2. >> Currently I'm working with CentOS 6.3. >> >> Thank's for answers and ideas to fix the problem. >> >> Regards, Nicolas. >> > > I've made a file containing something like that: > export OS_USERNAME=admin > export OS_PASSWORD=xxxxxxxxxxx > export OS_TENANT_NAME=admin > export OS_AUTH_URL=http://127.0.0.1:35357/v2.0/ > > Every time, when I'm using keystone (or other OpenStack command line > tools), I'm sourcing that file for my session once. But: That is not > sourced automatically, I'm doing that by hand. Hi Nicolas, I think your original error is displayed if you have one of SERVICE_TOKEN or SERVICE_ENDPOINT in your environment but not both, they are intended to be used together. Also you should use these or the OS_* environment variables but not both. Can you make sure you have removed the SERVICE_TOKEN and SERVICE_ENDPOINT variables from your shell environment. $ unset SERVICE_TOKEN $ unset SERVICE_ENDPOINT and that you have defined the 4 OS_ variables that Matthias mentioned thanks, Derek. > > That's it. > > Cheers, > Matthias >> -----Original Message----- From: rhos-list-bounces at redhat.com >> [mailto:rhos-list-bounces at redhat.com] On Behalf Of Matthias Runge >> Sent: vendredi 7 d?cembre 2012 10:28 To: rhos-list at redhat.com >> Subject: Re: [rhos-list] keystone or dashboard problem? >> >> On 12/06/2012 11:56 AM, Vogel Nicolas wrote: >>> Hi, >>> >>> >>> >>> I've just made a new install with the latest version of the ? RedHat >>> getting started guide with Openstack Folsom ? Revision 1.0-2. >>> >>> I'm using CentOS 6.3 for this install. >>> >>> >>> >>> After installing Openstack-keystone, I'm unable to perform "keystone >>> user-list" and "keystone token-get". I have sourced the >>> keystonerc_username file but the system says "Expecting an endpoint >>> provided via either --endpoint or env[SERVICE_ENDPOINT]". When I'm >>> explicitly given the endpoint in the command line, the output is >>> "Configuration error: Client configured to run without a service >>> catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead >>> of --os-endpoint or OS_SERVICE_ENDPOINT, for example." >>> >>> But the OS_AUTH_URL is configured in my keystonerc_username file so >>> I don't understand why the system asks for it. >>> >>> >>> >>> I can then all the installation steps without problems, but after I >>> given my credentials in the dashboard login page (admin/secret or >>> username/secret), I got "Internal Server Error". >>> >>> >>> >>> Is that linked with the first problem from Keystone? >>> >> >> Hi, >> >> speaking for dashboard: >> >> dashboard reads its configuration from keystone, so a working >> keystone is required to be able to use horizon. >> >> So, yes, your horizon problems should be directly linked to your >> keystone issues. >> >> Matthias >>> >>> >>> I'm searching for more information in logs but currently I found no >>> answer to my questions. >>> >>> >>> >>> Thanks for help, >>> >>> >>> >>> *Nicolas Vogel* >>> >>> *Institut for Information and Communication Technologies* >>> >>> *University of Applied Sciences - Western Switzerland* >>> >>> >>> >>> _______________________________________________ rhos-list mailing >>> list rhos-list at redhat.com >>> https://www.redhat.com/mailman/listinfo/rhos-list >>> >> >> _______________________________________________ rhos-list mailing >> list rhos-list at redhat.com >> https://www.redhat.com/mailman/listinfo/rhos-list >> _______________________________________________ cloud mailing list >> cloud at lists.fedoraproject.org >> https://admin.fedoraproject.org/mailman/listinfo/cloud >> > > > - -- > Matthias Runge > -----BEGIN PGP > SIGNATURE----- > Version: GnuPG v1.4.12 (GNU/Linux) > Comment: Using GnuPG with undefined - http://www.enigmail.net/ > > iQEcBAEBAgAGBQJQwe6PAAoJEOnz8qQwcaIWsNcH/1HA5Id1O2OtakIxGYctpXRT > p5sUrta57cduHom6K9gUc9KGcQHOb+WmhlNYJ+qmnkVexcGpZjbONwKdcbaLWAa0 > iYoVQTlwBbc6dfo8KojkjYcKTMwQeelWKQVWtTgD4SVlNq2v+zh2lMF46XmR6lD4 > 1s6krFQShuN0KaITU4Lsg38G+ZPDZp8WTs2EwhaONvZmSJoOOt4ej66RLTfzd7AZ > iqREmvAgIpjGzn2hc147BfpSry9L8fhd4TlIAJqfdiL7pSzeW1iTSz1QxT0h2dwB > tBW3H3HZzbIaTNWo/5Ra1BfE7/pmkQKwdVPqH18l93lhYERK7/xPDAguek1eDKo= > =7Qi/ > -----END PGP SIGNATURE----- > _______________________________________________ > cloud mailing list > cloud at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/cloud > From apevec at redhat.com Fri Dec 7 14:48:17 2012 From: apevec at redhat.com (Alan Pevec) Date: Fri, 7 Dec 2012 09:48:17 -0500 (EST) Subject: [rhos-list] keystone or dashboard problem? In-Reply-To: Message-ID: <1576754280.12111527.1354891697724.JavaMail.root@redhat.com> > Another question: Is it mandatory to create a specific tenant called > "Service" and adding to him a user for each Openstack-Service (nova, > glance, ...). It is mentioned in the official guide but not in the > RedHat Preview. Getting started needs to be updated to use service users instead of admin_token: https://bugzilla.redhat.com/show_bug.cgi?id=876763 Cheers, Alan From pmyers at redhat.com Wed Dec 12 04:06:02 2012 From: pmyers at redhat.com (Perry Myers) Date: Tue, 11 Dec 2012 23:06:02 -0500 Subject: [rhos-list] Updated RHOS Folsom Preview Packages (2012.2.1 + OVS) Message-ID: <50C802AA.5070406@redhat.com> Just wanted to pass along an update... We've pushed updated packages to the RHOS Folsom Preview repository for the 2012.2.1 stable branch releases. This includes updates for: python-django-horizon openstack-glance openstack-cinder openstack-nova openstack-quantum openstack-keystone We also shipped some brand new packages: openstack-packstack openvswitch PackStack is a text based installation utility for doing proof of concept, multi-host RHOS installs. It can be run on a single host and will use ssh to communicate to other hosts (that you define) to install core RHOS services on a small cluster of nodes. This should simplify getting a vanilla RHOS setup going significantly. The documentation on docs.redhat.com still outlines the manual installation procedure. But we should be updating these docs in the near future to cover some PackStack basics as well. But feel free to try it out, and let us know how it works. We also now ship the openvswitch userspace package, which can be used with the openvswitch kernel modules available in the RHEL 6.4 Beta. So if you want to try out RHOS Folsom Quantum with OVS, you can do so now. We have some basic documentation on how to use this combination here: http://red.ht/VTbl5n Just make sure to update your RHEL 6.3 host to RHEL 6.4, by enabling the RHEL 6.4 beta repository. You can do this with with the following commands if you are using subscription-manager: sudo yum repolist sudo yum-config-manager --enable rhel-6-server-beta-rpms sudo yum update Let us know if you have any questions or run into any problems. -- The Red Hat OpenStack Team From nicolas.vogel at heig-vd.ch Wed Dec 12 07:54:26 2012 From: nicolas.vogel at heig-vd.ch (Vogel Nicolas) Date: Wed, 12 Dec 2012 07:54:26 +0000 Subject: [rhos-list] unable to get a token Message-ID: Hi, Sorry for coming back with the same problem, but I really don't understand what is getting wrong on my install. I have CentOS 6.3 and I'm following the "Redhat Openstack Preview - Getting started guide rev. 1.0-4". I really follow the guide step by step and at the end from the Keystone chapter, I'm unable to get a token. I created both keystonerc_admin and keystonerc_username file and can source it successfully. After sourcing the keystonerc_username, I'm unable to display the user-list without giving the --os-endpoint and I'm completely unable to get a token. I also created a special tenant named "Service" and assigned to it four new users (nova, glance, ec2 and swift), like described in the official Openstack Install and Deploy Manuel (from nov. 2012) My keystonerc_username file is exactly the same as in the install-guide; I just replaced the loopback addresses with my server IP address in all the commands. Here is the output from my terminal: [admin at IICT-SV001 ~(keystone_username)]$ keystone user-list Expecting an endpoint provided via either --endpoint or env[SERVICE_ENDPOINT] [admin at IICT-SV001 ~(keystone_username)]$ keystone --os-endpoint http://10.192.75.242:35357/v2.0 user-list +----------------------------------+----------+---------+-------+ | id | name | enabled | email | +----------------------------------+----------+---------+-------+ | 0264bdc687d348a8b830b16be0c62629 | ec2 | True | | | 25f3b67a98b145ad9e8f1ec2c602f400 | username | True | | | 2a6f404d17864052a14963d2fefa4ae0 | nova | True | | | 5ff5d5ec35a34499a5caf21d94aed8d7 | glance | True | | | b7b26d9a43c7496abec2fcbd1cd5d1e4 | swift | True | | | f7bfd7ba488f4df2b9feececa4a5f173 | admin | True | | +----------------------------------+----------+---------+-------+ [admin at IICT-SV001 ~(keystone_username)]$ keystone token-get Expecting an endpoint provided via either --endpoint or env[SERVICE_ENDPOINT] [admin at IICT-SV001 ~(keystone_username)]$ keystone --os-endpoint http://10.192.75.242:35357/v2.0 token-get Configuration error: Client configured to run without a service catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint or OS_SERVICE_ENDPOINT, for example. [admin at IICT-SV001 ~(keystone_username)]$ echo $OS_AUTH_URL http://10.192.75.242:5000/v2.0/ So as you can see the OS_AUTH_URL is well defined and I don't understand why I couldn't get a token. I already searched in different logs but couldn't find any answer. Thanks a lot for your help, Regards, Nicolas. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nux at li.nux.ro Wed Dec 12 10:33:41 2012 From: nux at li.nux.ro (Nux!) Date: Wed, 12 Dec 2012 10:33:41 +0000 Subject: [rhos-list] Updated RHOS Folsom Preview Packages (2012.2.1 + OVS) In-Reply-To: <50C802AA.5070406@redhat.com> References: <50C802AA.5070406@redhat.com> Message-ID: <51b56804662a81a15dfb56b2836d008e@li.nux.ro> On 12.12.2012 04:06, Perry Myers wrote: > Just wanted to pass along an update... That's great news, thanks! What will happen regarding namespace-enabled iputils? Right now this is the only important bit missing AFAIK. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro From derekh at redhat.com Wed Dec 12 12:52:32 2012 From: derekh at redhat.com (Derek Higgins) Date: Wed, 12 Dec 2012 12:52:32 +0000 Subject: [rhos-list] unable to get a token In-Reply-To: References: Message-ID: <50C87E10.7040405@redhat.com> On 12/12/2012 07:54 AM, Vogel Nicolas wrote: > Hi, > > > > Sorry for coming back with the same problem, but I really don?t > understand what is getting wrong on my install. I have CentOS 6.3 and > I?m following the ?Redhat Openstack Preview - Getting started guide rev. > 1.0-4?. > > I really follow the guide step by step and at the end from the Keystone > chapter, I?m unable to get a token. I created both keystonerc_admin and > keystonerc_username file and can source it successfully. > > After sourcing the keystonerc_username, I?m unable to display the > user-list without giving the --os-endpoint and I?m completely unable to > get a token. > > I also created a special tenant named ?Service? and assigned to it four > new users (nova, glance, ec2 and swift), like described in the official > Openstack Install and Deploy Manuel (from nov. 2012) > > My keystonerc_username file is exactly the same as in the install-guide; > I just replaced the loopback addresses with my server IP address in all > the commands. > > Here is the output from my terminal: > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone user-list > > Expecting an endpoint provided via either --endpoint or > env[SERVICE_ENDPOINT] > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone --os-endpoint > http://10.192.75.242:35357/v2.0 user-list > > +----------------------------------+----------+---------+-------+ > > | id | name | enabled | email | > > +----------------------------------+----------+---------+-------+ > > | 0264bdc687d348a8b830b16be0c62629 | ec2 | True | | > > | 25f3b67a98b145ad9e8f1ec2c602f400 | username | True | | > > | 2a6f404d17864052a14963d2fefa4ae0 | nova | True | | > > | 5ff5d5ec35a34499a5caf21d94aed8d7 | glance | True | | > > | b7b26d9a43c7496abec2fcbd1cd5d1e4 | swift | True | | > > | f7bfd7ba488f4df2b9feececa4a5f173 | admin | True | | > > +----------------------------------+----------+---------+-------+ > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone token-get > > Expecting an endpoint provided via either --endpoint or > env[SERVICE_ENDPOINT] > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone --os-endpoint > http://10.192.75.242:35357/v2.0 token-get > > Configuration error: Client configured to run without a service catalog. > Run the client using --os-auth-url or OS_AUTH_URL, instead of > --os-endpoint or OS_SERVICE_ENDPOINT, for example. > > > > [admin at IICT-SV001 ~(keystone_username)]$ echo $OS_AUTH_URL > > http://10.192.75.242:5000/v2.0/ > > > > So as you can see the OS_AUTH_URL is well defined and I don?t understand > why I couldn?t get a token. I already searched in different logs but > couldn?t find any answer. Hi Vogel, I suspect you still have SERVICE_TOKEN defined in your shell, see below for a log of commands I run to get working results and at the end how I set the variable to reproduce your error # Make sure you have no OpenStack authentication variables set [derekh at qt ~]$ env | grep -i -e service -e os_ # the contents of my admin and user rc files [derekh at qt ~]$ cat keystonerc_admin export OS_USERNAME=admin export OS_TENANT_NAME=admin export OS_PASSWORD=secret export OS_AUTH_URL=http://127.0.0.1:35357/v2.0/ export PS1="[\u@\h \W(keystone_admin)]\$ " [derekh at qt ~]$ cat keystonerc_username export OS_USERNAME=username export OS_TENANT_NAME=rhsummit export OS_PASSWORD=secret export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/ export PS1="[\u@\h \W(keystone_username)]\$ " # Source keystonerc_admin to use keystone as the admin user [derekh at qt ~]$ . keystonerc_admin [derekh at qt ~(keystone_admin)]$ keystone user-list +----------------------------------+----------+---------+-------+ | id | name | enabled | email | +----------------------------------+----------+---------+-------+ | 03b614eb5e024257be8f5cbd00837834 | username | True | | | da2df2e2b1b1462ebedce84e236e1918 | admin | True | | +----------------------------------+----------+---------+-------+ # Source keystonerc_username to use keystone as a unprivileged user [derekh at qt ~(keystone_admin)]$ . keystonerc_username # user-list doesn't work because we are no longer admin [derekh at qt ~(keystone_username)]$ keystone user-list You are not authorized to perform the requested action: admin_required (HTTP 403) # but I can get a token [derekh at qt ~(keystone_username)]$ keystone token-get +-----------+----------------------------------+ | Property | Value | +-----------+----------------------------------+ | expires | 2012-12-13T12:32:20Z | | id | f99e071ad81d48b9841c4d1c2f4e24c1 | | tenant_id | 21ca6367afbf4851a47e78ccc074eab4 | | user_id | 03b614eb5e024257be8f5cbd00837834 | +-----------+----------------------------------+ # Now set a SERVICE_TOKEN but no SERVICE_ENDPOINT, to reproduce the error you are seeing [derekh at qt ~(keystone_username)]$ export SERVICE_TOKEN=050ed8afbc072bab2098 [derekh at qt ~(keystone_username)]$ . keystonerc_admin [derekh at qt ~(keystone_admin)]$ keystone user-list Expecting an endpoint provided via either --endpoint or env[SERVICE_ENDPOINT] # specifying the endpoint on the command line is ok (its effectively the same as setting the SERVICE_ENDPOINT env variable [derekh at qt ~(keystone_admin)]$ keystone --os-endpoint http://127.0.0.1:35357/v2.0 user-list +----------------------------------+----------+---------+-------+ | id | name | enabled | email | +----------------------------------+----------+---------+-------+ | 03b614eb5e024257be8f5cbd00837834 | username | True | | | da2df2e2b1b1462ebedce84e236e1918 | admin | True | | +----------------------------------+----------+---------+-------+ # but we still can't get a token, this is because you have authenticated against keystone with the ADMIN token and not as a user, because you are not a user you can't create a token [derekh at qt ~(keystone_admin)]$ keystone --os-endpoint http://127.0.0.1:35357/v2.0 token-get Configuration error: Client configured to run without a service catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint or OS_SERVICE_ENDPOINT, for example. In short, once you have created a keystone SERVICE_TOKEN and created an admin user with it, you should unset both SERVICE_TOKEN and SERVICE_ENDPOINT, forget about them and never use them again. Hope this helps, Derek. > > > > Thanks a lot for your help, > > > > Regards, > > Nicolas. > > > > _______________________________________________ > rhos-list mailing list > rhos-list at redhat.com > https://www.redhat.com/mailman/listinfo/rhos-list > From nicolas.vogel at heig-vd.ch Wed Dec 12 13:04:17 2012 From: nicolas.vogel at heig-vd.ch (Vogel Nicolas) Date: Wed, 12 Dec 2012 13:04:17 +0000 Subject: [rhos-list] unable to get a token In-Reply-To: <50C87E10.7040405@redhat.com> References: <50C87E10.7040405@redhat.com> Message-ID: Thanks so much for your answer, it works! I was totally confused with those different variables and didn't understand how they work exactly. But now it's allright :). I can continue my install. Thanks, Nicolas. -----Original Message----- From: Derek Higgins [mailto:derekh at redhat.com] Sent: mercredi 12 d?cembre 2012 13:53 To: Vogel Nicolas Cc: rhos-list at redhat.com; cloud at lists.fedoraproject.org Subject: Re: [rhos-list] unable to get a token On 12/12/2012 07:54 AM, Vogel Nicolas wrote: > Hi, > > > > Sorry for coming back with the same problem, but I really don't > understand what is getting wrong on my install. I have CentOS 6.3 and > I'm following the "Redhat Openstack Preview - Getting started guide rev. > 1.0-4". > > I really follow the guide step by step and at the end from the > Keystone chapter, I'm unable to get a token. I created both > keystonerc_admin and keystonerc_username file and can source it successfully. > > After sourcing the keystonerc_username, I'm unable to display the > user-list without giving the --os-endpoint and I'm completely unable > to get a token. > > I also created a special tenant named "Service" and assigned to it > four new users (nova, glance, ec2 and swift), like described in the > official Openstack Install and Deploy Manuel (from nov. 2012) > > My keystonerc_username file is exactly the same as in the > install-guide; I just replaced the loopback addresses with my server > IP address in all the commands. > > Here is the output from my terminal: > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone user-list > > Expecting an endpoint provided via either --endpoint or > env[SERVICE_ENDPOINT] > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone --os-endpoint > http://10.192.75.242:35357/v2.0 user-list > > +----------------------------------+----------+---------+-------+ > > | id | name | enabled | email | > > +----------------------------------+----------+---------+-------+ > > | 0264bdc687d348a8b830b16be0c62629 | ec2 | True | | > > | 25f3b67a98b145ad9e8f1ec2c602f400 | username | True | | > > | 2a6f404d17864052a14963d2fefa4ae0 | nova | True | | > > | 5ff5d5ec35a34499a5caf21d94aed8d7 | glance | True | | > > | b7b26d9a43c7496abec2fcbd1cd5d1e4 | swift | True | | > > | f7bfd7ba488f4df2b9feececa4a5f173 | admin | True | | > > +----------------------------------+----------+---------+-------+ > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone token-get > > Expecting an endpoint provided via either --endpoint or > env[SERVICE_ENDPOINT] > > > > [admin at IICT-SV001 ~(keystone_username)]$ keystone --os-endpoint > http://10.192.75.242:35357/v2.0 token-get > > Configuration error: Client configured to run without a service catalog. > Run the client using --os-auth-url or OS_AUTH_URL, instead of > --os-endpoint or OS_SERVICE_ENDPOINT, for example. > > > > [admin at IICT-SV001 ~(keystone_username)]$ echo $OS_AUTH_URL > > http://10.192.75.242:5000/v2.0/ > > > > So as you can see the OS_AUTH_URL is well defined and I don't > understand why I couldn't get a token. I already searched in different > logs but couldn't find any answer. Hi Vogel, I suspect you still have SERVICE_TOKEN defined in your shell, see below for a log of commands I run to get working results and at the end how I set the variable to reproduce your error # Make sure you have no OpenStack authentication variables set [derekh at qt ~]$ env | grep -i -e service -e os_ # the contents of my admin and user rc files [derekh at qt ~]$ cat keystonerc_admin export OS_USERNAME=admin export OS_TENANT_NAME=admin export OS_PASSWORD=secret export OS_AUTH_URL=http://127.0.0.1:35357/v2.0/ export PS1="[\u@\h \W(keystone_admin)]\$ " [derekh at qt ~]$ cat keystonerc_username export OS_USERNAME=username export OS_TENANT_NAME=rhsummit export OS_PASSWORD=secret export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/ export PS1="[\u@\h \W(keystone_username)]\$ " # Source keystonerc_admin to use keystone as the admin user [derekh at qt ~]$ . keystonerc_admin [derekh at qt ~(keystone_admin)]$ keystone user-list +----------------------------------+----------+---------+-------+ | id | name | enabled | email | +----------------------------------+----------+---------+-------+ | 03b614eb5e024257be8f5cbd00837834 | username | True | | | da2df2e2b1b1462ebedce84e236e1918 | admin | True | | +----------------------------------+----------+---------+-------+ # Source keystonerc_username to use keystone as a unprivileged user [derekh at qt ~(keystone_admin)]$ . keystonerc_username # user-list doesn't work because we are no longer admin [derekh at qt ~(keystone_username)]$ keystone user-list You are not authorized to perform the requested action: admin_required (HTTP 403) # but I can get a token [derekh at qt ~(keystone_username)]$ keystone token-get +-----------+----------------------------------+ | Property | Value | +-----------+----------------------------------+ | expires | 2012-12-13T12:32:20Z | | id | f99e071ad81d48b9841c4d1c2f4e24c1 | | tenant_id | 21ca6367afbf4851a47e78ccc074eab4 | user_id | | 03b614eb5e024257be8f5cbd00837834 | +-----------+----------------------------------+ # Now set a SERVICE_TOKEN but no SERVICE_ENDPOINT, to reproduce the error you are seeing [derekh at qt ~(keystone_username)]$ export SERVICE_TOKEN=050ed8afbc072bab2098 [derekh at qt ~(keystone_username)]$ . keystonerc_admin [derekh at qt ~(keystone_admin)]$ keystone user-list Expecting an endpoint provided via either --endpoint or env[SERVICE_ENDPOINT] # specifying the endpoint on the command line is ok (its effectively the same as setting the SERVICE_ENDPOINT env variable [derekh at qt ~(keystone_admin)]$ keystone --os-endpoint http://127.0.0.1:35357/v2.0 user-list +----------------------------------+----------+---------+-------+ | id | name | enabled | email | +----------------------------------+----------+---------+-------+ | 03b614eb5e024257be8f5cbd00837834 | username | True | | | da2df2e2b1b1462ebedce84e236e1918 | admin | True | | +----------------------------------+----------+---------+-------+ # but we still can't get a token, this is because you have authenticated against keystone with the ADMIN token and not as a user, because you are not a user you can't create a token [derekh at qt ~(keystone_admin)]$ keystone --os-endpoint http://127.0.0.1:35357/v2.0 token-get Configuration error: Client configured to run without a service catalog. Run the client using --os-auth-url or OS_AUTH_URL, instead of --os-endpoint or OS_SERVICE_ENDPOINT, for example. In short, once you have created a keystone SERVICE_TOKEN and created an admin user with it, you should unset both SERVICE_TOKEN and SERVICE_ENDPOINT, forget about them and never use them again. Hope this helps, Derek. > > > > Thanks a lot for your help, > > > > Regards, > > Nicolas. > > > > _______________________________________________ > rhos-list mailing list > rhos-list at redhat.com > https://www.redhat.com/mailman/listinfo/rhos-list > From pmyers at redhat.com Wed Dec 12 13:09:50 2012 From: pmyers at redhat.com (Perry Myers) Date: Wed, 12 Dec 2012 08:09:50 -0500 Subject: [rhos-list] Updated RHOS Folsom Preview Packages (2012.2.1 + OVS) In-Reply-To: <51b56804662a81a15dfb56b2836d008e@li.nux.ro> References: <50C802AA.5070406@redhat.com> <51b56804662a81a15dfb56b2836d008e@li.nux.ro> Message-ID: <50C8821E.9080308@redhat.com> On 12/12/2012 05:33 AM, Nux! wrote: > On 12.12.2012 04:06, Perry Myers wrote: >> Just wanted to pass along an update... > > That's great news, thanks! > What will happen regarding namespace-enabled iputils? Right now this is > the only important bit missing AFAIK. Good point, and I should have added a note in my initial email about this. :) RHEL 6.4 doesn't have all of the patches in the kernel needed yet to support network namespaces yet. We are going to try to target including this kernel support in RHEL 6.5. The iputils userspace also needed to be updated, but this was less problematic. If the kernelspace support had been there, we would have found a way to get the iputils userspace available to RHOS users. So the short term (RHEL 6.4), namespace support will not be available unfortunately. But hopefully when RHEL 6.5 comes out this will be rectified. Hope that helps, Perry From jmccafferty at intelligent.net Wed Dec 12 15:14:13 2012 From: jmccafferty at intelligent.net (McCafferty, James) Date: Wed, 12 Dec 2012 10:14:13 -0500 Subject: [rhos-list] Red Hat OpenStack (Folsom) Message-ID: Sir, Can you install OpenStack (Folsom) on a VM? I would like to know before I install this software. Thank You James McCafferty -------------- next part -------------- An HTML attachment was scrubbed... URL: From liugya at cn.ibm.com Wed Dec 12 15:18:23 2012 From: liugya at cn.ibm.com (Guang Ya GY Liu) Date: Wed, 12 Dec 2012 23:18:23 +0800 Subject: [rhos-list] Red Hat OpenStack (Folsom) In-Reply-To: References: Message-ID: Sure, we always do some test with VM for openstack but you may want to configure "libvirt_type=qemu" in nova.conf for compute node in case you want to create VMs, do live migration and so on. Thanks, Guangya Liu From: "McCafferty, James" To: "'rhos-list at redhat.com'" Date: 2012/12/12 23:14 Subject: [rhos-list] Red Hat OpenStack (Folsom) Sent by: rhos-list-bounces at redhat.com Sir, Can you install OpenStack (Folsom) on a VM? I would like to know before I install this software. Thank You James McCafferty_______________________________________________ rhos-list mailing list rhos-list at redhat.com https://www.redhat.com/mailman/listinfo/rhos-list -------------- next part -------------- An HTML attachment was scrubbed... URL: From pbrady at redhat.com Wed Dec 12 15:42:19 2012 From: pbrady at redhat.com (=?ISO-8859-1?Q?P=E1draig_Brady?=) Date: Wed, 12 Dec 2012 15:42:19 +0000 Subject: [rhos-list] Red Hat OpenStack (Folsom) In-Reply-To: References: Message-ID: <50C8A5DB.6000306@redhat.com> On 12/12/2012 03:14 PM, McCafferty, James wrote: > Sir, > > Can you install OpenStack (Folsom) on a VM? > > I would like to know before I install this software. Yes you can install in a VM. To support nested VMs with nova you need this basic config change: openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_type qemu There are other caveats to note with nested VMs... They will be the much slower TCG variety, and note you should provide lots of memory to the top level guest, as the OpenStack created guests default to 2GM RAM with no overcommit. To avoid Folsom issue https://bugzilla.redhat.com/show_bug.cgi?id=858216 you'll need to make this config change: openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_cpu_mode none If you're running with libvirt < v0.9.13-66 then you'll need to do this to avoid https://bugzilla.redhat.com/show_bug.cgi?id=813735 ln -s /usr/libexec/qemu-kvm /usr/bin/qemu-system-x86_64 service libvirtd restart service openstack-nova-compute restart thanks, P?draig. From chrisw at redhat.com Wed Dec 12 19:42:23 2012 From: chrisw at redhat.com (Chris Wright) Date: Wed, 12 Dec 2012 11:42:23 -0800 Subject: [rhos-list] Updated RHOS Folsom Preview Packages (2012.2.1 + OVS) In-Reply-To: <50C8821E.9080308@redhat.com> References: <50C802AA.5070406@redhat.com> <51b56804662a81a15dfb56b2836d008e@li.nux.ro> <50C8821E.9080308@redhat.com> Message-ID: <20121212194223.GP12270@x200.localdomain> * Perry Myers (pmyers at redhat.com) wrote: > On 12/12/2012 05:33 AM, Nux! wrote: > > On 12.12.2012 04:06, Perry Myers wrote: > >> Just wanted to pass along an update... > > > > That's great news, thanks! > > What will happen regarding namespace-enabled iputils? Right now this is > > the only important bit missing AFAIK. > > Good point, and I should have added a note in my initial email about > this. :) > > RHEL 6.4 doesn't have all of the patches in the kernel needed yet to > support network namespaces yet. We are going to try to target including > this kernel support in RHEL 6.5. That's correct, and I'd happily get test packages out to you, Nux!, if you're interested in helping with early testing. Just let me know. thanks, -chris From nux at li.nux.ro Wed Dec 12 23:35:08 2012 From: nux at li.nux.ro (Nux!) Date: Wed, 12 Dec 2012 23:35:08 +0000 Subject: [rhos-list] Updated RHOS Folsom Preview Packages (2012.2.1 + OVS) In-Reply-To: <20121212194223.GP12270@x200.localdomain> References: <50C802AA.5070406@redhat.com> <51b56804662a81a15dfb56b2836d008e@li.nux.ro> <50C8821E.9080308@redhat.com> <20121212194223.GP12270@x200.localdomain> Message-ID: On 12.12.2012 19:42, Chris Wright wrote: > * Perry Myers (pmyers at redhat.com) wrote: >> On 12/12/2012 05:33 AM, Nux! wrote: >> > On 12.12.2012 04:06, Perry Myers wrote: >> >> Just wanted to pass along an update... >> > >> > That's great news, thanks! >> > What will happen regarding namespace-enabled iputils? Right now >> this is >> > the only important bit missing AFAIK. >> >> Good point, and I should have added a note in my initial email about >> this. :) >> >> RHEL 6.4 doesn't have all of the patches in the kernel needed yet to >> support network namespaces yet. We are going to try to target >> including >> this kernel support in RHEL 6.5. > > That's correct, and I'd happily get test packages out to you, Nux!, > if you're interested in helping with early testing. Just let me > know. > > thanks, > -chris Sure! :) -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro From chrisw at redhat.com Wed Dec 12 23:37:51 2012 From: chrisw at redhat.com (Chris Wright) Date: Wed, 12 Dec 2012 15:37:51 -0800 Subject: [rhos-list] Updated RHOS Folsom Preview Packages (2012.2.1 + OVS) In-Reply-To: References: <50C802AA.5070406@redhat.com> <51b56804662a81a15dfb56b2836d008e@li.nux.ro> <50C8821E.9080308@redhat.com> <20121212194223.GP12270@x200.localdomain> Message-ID: <20121212233751.GC12270@x200.localdomain> * Nux! (nux at li.nux.ro) wrote: > On 12.12.2012 19:42, Chris Wright wrote: > >* Perry Myers (pmyers at redhat.com) wrote: > >>On 12/12/2012 05:33 AM, Nux! wrote: > >>> On 12.12.2012 04:06, Perry Myers wrote: > >>>> Just wanted to pass along an update... > >>> > >>> That's great news, thanks! > >>> What will happen regarding namespace-enabled iputils? Right now this > >>is > >>> the only important bit missing AFAIK. > >> > >>Good point, and I should have added a note in my initial email about > >>this. :) > >> > >>RHEL 6.4 doesn't have all of the patches in the kernel needed yet to > >>support network namespaces yet. We are going to try to target including > >>this kernel support in RHEL 6.5. > > > >That's correct, and I'd happily get test packages out to you, Nux!, > >if you're interested in helping with early testing. Just let me know. > > Sure! :) Great, I'll ping you once I have test packages. Given travel and holiday schedules it's easily something that will push into next year... thanks, -chris From prmarino1 at gmail.com Fri Dec 14 00:36:53 2012 From: prmarino1 at gmail.com (Paul Robert Marino) Date: Thu, 13 Dec 2012 19:36:53 -0500 Subject: [rhos-list] DNSmask issues Message-ID: Im working with a flat network with an external roue in my test environment for the most part its working well however dnsmask keeps giving its own ipaddress as the default route. Ive configured the gateway and dns in quantum quantum net-show public01 +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | id | fcf601ad-202d-4f8a-ae90-e1c902e85fb7 | | name | public01 | | provider:network_type | flat | | provider:physical_network | physnet1 | | provider:segmentation_id | | | router:external | True | | shared | True | | status | ACTIVE | | subnets | 9c5f1155-fb5b-4b23-b2c1-a06455a89119 | | tenant_id | ea8e05c057cb4d949f70fb2a406f3277 | +---------------------------+--------------------------------------+ quantum subnet-show pub_subnet01 +------------------+------------------------------------------------------+ | Field | Value | +------------------+------------------------------------------------------+ | allocation_pools | {"start": "192.168.253.2", "end": "192.168.253.254"} | | cidr | 192.168.253.0/24 | | dns_nameservers | 10.254.254.42 | | enable_dhcp | True | | gateway_ip | 192.168.253.1 | | host_routes | | | id | 9c5f1155-fb5b-4b23-b2c1-a06455a89119 | | ip_version | 4 | | name | pub_subnet01 | | network_id | fcf601ad-202d-4f8a-ae90-e1c902e85fb7 | | tenant_id | ea8e05c057cb4d949f70fb2a406f3277 | +------------------+------------------------------------------------------+ the dns_nameservers field seems to be ignored entierly so instead i had to set it in the dhcp_agent.ini but the thing thats really annoying me is that DNS masq keeps setting its own ip address on the subnet as the default gateway which is 192.168.253.2 also on a side note while Im on the subject of DNS is there any chance we will see Melange packages soon From prmarino1 at gmail.com Fri Dec 14 19:17:13 2012 From: prmarino1 at gmail.com (Paul Robert Marino) Date: Fri, 14 Dec 2012 14:17:13 -0500 Subject: [rhos-list] DNSmask issues In-Reply-To: References: Message-ID: After further investigation I found out this is a know issue with dnsmasq 2.48 and as it turns out I'm not the only one who has run into this issue https://lists.launchpad.net/openstack/msg19052.html when i looked at the options file for the instance of dnsmasq every thing was correct tag:tag0,option:dns-server,10.254.254.42 tag:tag0,option:router,192.168.253.1 so it looks like we have a buggy version On Thu, Dec 13, 2012 at 7:36 PM, Paul Robert Marino wrote: > Im working with a flat network with an external roue in my test > environment for the most part its working well however dnsmask keeps > giving its own ipaddress as the default route. > Ive configured the gateway and dns in quantum > > quantum net-show public01 > +---------------------------+--------------------------------------+ > | Field | Value | > +---------------------------+--------------------------------------+ > | admin_state_up | True | > | id | fcf601ad-202d-4f8a-ae90-e1c902e85fb7 | > | name | public01 | > | provider:network_type | flat | > | provider:physical_network | physnet1 | > | provider:segmentation_id | | > | router:external | True | > | shared | True | > | status | ACTIVE | > | subnets | 9c5f1155-fb5b-4b23-b2c1-a06455a89119 | > | tenant_id | ea8e05c057cb4d949f70fb2a406f3277 | > +---------------------------+--------------------------------------+ > > quantum subnet-show pub_subnet01 > > +------------------+------------------------------------------------------+ > | Field | Value | > +------------------+------------------------------------------------------+ > | allocation_pools | {"start": "192.168.253.2", "end": "192.168.253.254"} | > | cidr | 192.168.253.0/24 | > | dns_nameservers | 10.254.254.42 | > | enable_dhcp | True | > | gateway_ip | 192.168.253.1 | > | host_routes | | > | id | 9c5f1155-fb5b-4b23-b2c1-a06455a89119 | > | ip_version | 4 | > | name | pub_subnet01 | > | network_id | fcf601ad-202d-4f8a-ae90-e1c902e85fb7 | > | tenant_id | ea8e05c057cb4d949f70fb2a406f3277 | > +------------------+------------------------------------------------------+ > > the dns_nameservers field seems to be ignored entierly so instead i > had to set it in the dhcp_agent.ini > but the thing thats really annoying me is that DNS masq keeps setting > its own ip address on the subnet as the default gateway which is > 192.168.253.2 > > also on a side note while Im on the subject of DNS is there any chance > we will see Melange packages soon From prmarino1 at gmail.com Fri Dec 14 20:21:03 2012 From: prmarino1 at gmail.com (Paul Robert Marino) Date: Fri, 14 Dec 2012 15:21:03 -0500 Subject: [rhos-list] DNSmask issues In-Reply-To: References: Message-ID: I put in a bug ticket for the issue here https://bugzilla.redhat.com/show_bug.cgi?id=887369 On Thu, Dec 13, 2012 at 7:36 PM, Paul Robert Marino wrote: > Im working with a flat network with an external roue in my test > environment for the most part its working well however dnsmask keeps > giving its own ipaddress as the default route. > Ive configured the gateway and dns in quantum > > quantum net-show public01 > +---------------------------+--------------------------------------+ > | Field | Value | > +---------------------------+--------------------------------------+ > | admin_state_up | True | > | id | fcf601ad-202d-4f8a-ae90-e1c902e85fb7 | > | name | public01 | > | provider:network_type | flat | > | provider:physical_network | physnet1 | > | provider:segmentation_id | | > | router:external | True | > | shared | True | > | status | ACTIVE | > | subnets | 9c5f1155-fb5b-4b23-b2c1-a06455a89119 | > | tenant_id | ea8e05c057cb4d949f70fb2a406f3277 | > +---------------------------+--------------------------------------+ > > quantum subnet-show pub_subnet01 > > +------------------+------------------------------------------------------+ > | Field | Value | > +------------------+------------------------------------------------------+ > | allocation_pools | {"start": "192.168.253.2", "end": "192.168.253.254"} | > | cidr | 192.168.253.0/24 | > | dns_nameservers | 10.254.254.42 | > | enable_dhcp | True | > | gateway_ip | 192.168.253.1 | > | host_routes | | > | id | 9c5f1155-fb5b-4b23-b2c1-a06455a89119 | > | ip_version | 4 | > | name | pub_subnet01 | > | network_id | fcf601ad-202d-4f8a-ae90-e1c902e85fb7 | > | tenant_id | ea8e05c057cb4d949f70fb2a406f3277 | > +------------------+------------------------------------------------------+ > > the dns_nameservers field seems to be ignored entierly so instead i > had to set it in the dhcp_agent.ini > but the thing thats really annoying me is that DNS masq keeps setting > its own ip address on the subnet as the default gateway which is > 192.168.253.2 > > also on a side note while Im on the subject of DNS is there any chance > we will see Melange packages soon From prmarino1 at gmail.com Mon Dec 17 15:33:47 2012 From: prmarino1 at gmail.com (Paul Robert Marino) Date: Mon, 17 Dec 2012 10:33:47 -0500 Subject: [rhos-list] Fwd: [Bug 887369] dnsmasq not loading any of the information from the options file In-Reply-To: References: Message-ID: This was an intresting responce ---------- Forwarded message ---------- From: Date: Dec 17, 2012 9:28 AM Subject: [Bug 887369] dnsmasq not loading any of the information from the options file To: Product: Red Hat OpenStack https://bugzilla.redhat.com/show_bug.cgi?id=887369 Tomas Hozza changed: What |Removed |Added ---------------------------------------------------------------------------- Group| |redhat CC| |ykaul at redhat.com Component|dnsmasq |openstack-quantum Version|6.3 |unspecified Assignee|thozza at redhat.com |rhos-maint at redhat.com Product|Red Hat Enterprise Linux 6 |Red Hat OpenStack Target Milestone|rc |RC QA Contact|qe-baseos-daemons at redhat.co |oblaut at redhat.com |m | --- Comment #2 from Tomas Hozza --- This is *NOT A BUG* in dnsmasq-2.48. If you read dnsmasq manual page, you will realise, that there is no such way to set TAGs by using "set:tag0" and also to refer to a TAG by "tag:tag0". Therefore it is not working with your options. There was a change in dnsmasq-2.53 which introduced the *NEW* TAGs setting and referring, but these options are *NOT AVAILABLE* in dnsmasq versions lower than 2.53. Regarding to dnsmasq-2.48 manual page, you can use existing options to SET the TAG and to refer to a TAG. In your case if you use: --dhcp-range=tag0,192.168.253.0,static,120s instead of --dhcp-range=set:tag0,192.168.253.0,static,120s and in the dhcp-optsfile: tag0,option:dns-server,10.254.254.42 tag0,option:router,192.168.253.1 instead of tag:tag0,option:dns-server,10.254.254.42 tag:tag0,option:router,192.168.253.1 everything will work. I tested it and server returned right options in DHCP reply. Changing Product to Red Hat OpenStack and component to openstack-quantum, since this is *NOT* a dnsmasq bug. OpenStack need to be fixed to use proper options when running dnsmasq! -- You are receiving this mail because: You reported the bug. -------------- next part -------------- An HTML attachment was scrubbed... URL: From anu.bhaskar.babu at accenture.com Thu Dec 27 10:50:06 2012 From: anu.bhaskar.babu at accenture.com (anu.bhaskar.babu at accenture.com) Date: Thu, 27 Dec 2012 10:50:06 +0000 Subject: [rhos-list] Dependency issue while installing openstack (nova) preview in rhel6.4 Message-ID: Hi, We are getting below dependency error while trying to install nova component of Redhat openstack preview. Please help OS Version: Red Hat Enterprise Linux Server release 6.4 Beta (Santiago) Error message: --> Processing Dependency: openssh = 5.3p1-81.el6_3 for package: openssh-clients-5.3p1-81.el6_3.x86_64 --> Processing Dependency: /usr/lib64/libkdb5.so.5 for package: 1:libguestfs-1.16.19-1.el6.x86_64 --> Finished Dependency Resolution Error: Package: 1:libguestfs-1.16.19-1.el6.x86_64 (rhel-x86_64-server-6) Requires: /usr/lib64/libkdb5.so.5 Error: Package: openssh-clients-5.3p1-81.el6_3.x86_64 (rhel-x86_64-server-6) Requires: openssh = 5.3p1-81.el6_3 [root at rhopenstack ~]# rpm -qa | grep openssh openssh-5.3p1-83.el6.x86_64 openssh-server-5.3p1-83.el6.x86_64 [root at rhopenstack ~]# rpm -qa | grep krb krb5-libs-1.10.3-6.el6.x86_64 [root at rhopenstack ~]# -- Regards, Anu Bhaskar Accenture Technology Consulting Tel: +91.80.431.56585 This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. ______________________________________________________________________________________ www.accenture.com -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rhel-openstack-dep-issue.txt URL: From pbrady at redhat.com Thu Dec 27 12:22:08 2012 From: pbrady at redhat.com (=?ISO-8859-1?Q?P=E1draig_Brady?=) Date: Thu, 27 Dec 2012 12:22:08 +0000 Subject: [rhos-list] Dependency issue while installing openstack (nova) preview in rhel6.4 In-Reply-To: References: Message-ID: <50DC3D70.7080409@redhat.com> On 12/27/2012 10:50 AM, anu.bhaskar.babu at accenture.com wrote: > Hi, > > We are getting below dependency error while trying to install nova component of Redhat openstack preview. Please help > > OS Version: Red Hat Enterprise Linux Server release 6.4 Beta (Santiago) > > Error: Package: 1:libguestfs-1.16.19-1.el6.x86_64 (rhel-x86_64-server-6) > Requires: /usr/lib64/libkdb5.so.5 > Available: krb5-libs-1.9-9.el6.x86_64 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.9-9.el6_1.1.x86_64 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.9-9.el6_1.2.x86_64 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.9-22.el6.x86_64 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.9-22.el6_2.1.x86_64 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.9-33.el6.x86_64 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.9-33.el6_3.2.x86_64 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.9-33.el6_3.3.x86_64 (rhel-x86_64-server-6) > Not found > Installed: krb5-libs-1.10.3-6.el6.x86_64 (@anaconda-RedHatEnterpriseLinux-201211261812.x86_64/6.4) > Not found > Available: krb5-libs-1.8.2-3.el6.i686 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.8.2-3.el6_0.1.i686 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.8.2-3.el6_0.3.i686 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.8.2-3.el6_0.4.i686 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.8.2-3.el6_0.6.i686 (rhel-x86_64-server-6) > Not found > Available: krb5-libs-1.8.2-3.el6_0.7.i686 (rhel-x86_64-server-6) > Not found > Error: Package: openssh-clients-5.3p1-81.el6_3.x86_64 (rhel-x86_64-server-6) > Requires: openssh = 5.3p1-81.el6_3 > Installed: openssh-5.3p1-83.el6.x86_64 (@anaconda-RedHatEnterpriseLinux-201211261812.x86_64/6.4) > openssh = 5.3p1-83.el6 > Available: openssh-5.3p1-20.el6.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-20.el6 > Available: openssh-5.3p1-20.el6_0.3.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-20.el6_0.3 > Available: openssh-5.3p1-52.el6.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-52.el6 > Available: openssh-5.3p1-52.el6_1.2.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-52.el6_1.2 > Available: openssh-5.3p1-70.el6.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-70.el6 > Available: openssh-5.3p1-70.el6_2.2.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-70.el6_2.2 > Available: openssh-5.3p1-81.el6.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-81.el6 > Available: openssh-5.3p1-81.el6_3.x86_64 (rhel-x86_64-server-6) > openssh = 5.3p1-81.el6_3 This seems to be because the openssh-clients available from your online repositories is behind the version installed from your install media. I'm not sure why that is, but perhaps you could install openssh-clients and krb5-libs from your install media to get you over the problem? thanks, P?draig. From pmyers at redhat.com Thu Dec 27 17:51:08 2012 From: pmyers at redhat.com (Perry Myers) Date: Thu, 27 Dec 2012 12:51:08 -0500 Subject: [rhos-list] Dependency issue while installing openstack (nova) preview in rhel6.4 In-Reply-To: References: Message-ID: <50DC8A8C.8040401@redhat.com> On 12/27/2012 05:50 AM, anu.bhaskar.babu at accenture.com wrote: > Hi, > > We are getting below dependency error while trying to install nova component of Redhat openstack preview. Please help > > OS Version: Red Hat Enterprise Linux Server release 6.4 Beta (Santiago) > > > Error message: > > --> Processing Dependency: openssh = 5.3p1-81.el6_3 for package: openssh-clients-5.3p1-81.el6_3.x86_64 > --> Processing Dependency: /usr/lib64/libkdb5.so.5 for package: 1:libguestfs-1.16.19-1.el6.x86_64 > --> Finished Dependency Resolution > Error: Package: 1:libguestfs-1.16.19-1.el6.x86_64 (rhel-x86_64-server-6) > Requires: /usr/lib64/libkdb5.so.5 .19 is from RHEL 6.3.z repos. RHEL 6.4 beta has .32 for libguestfs > Error: Package: openssh-clients-5.3p1-81.el6_3.x86_64 (rhel-x86_64-server-6) > Requires: openssh = 5.3p1-81.el6_3 > > > [root at rhopenstack ~]# rpm -qa | grep openssh > openssh-5.3p1-83.el6.x86_64 > openssh-server-5.3p1-83.el6.x86_64 -83 is from the RHEL 6.4 Beta. -81 is from the RHEL 6.3.z updates stream. So it looks like openssh-clients -81 is being installed, which of course requires the same exact version of openssh and openssh-server This makes me think that you currently have RHEL 6.4 beta packages installed, but you do not currently have access to a RHEL 6.4 beta package repository and instead are only able to pull new packages from the RHEL 6.3 repos > [root at rhopenstack ~]# rpm -qa | grep krb > krb5-libs-1.10.3-6.el6.x86_64 > [root at rhopenstack ~]# Can you provide the output of: yum repolist subscription-manager list --installed And the contents of /etc/yum.repos.d/redhat.repo I think from the above it's likely that you just need to enable access to the RHEL 6.4 beta content mirrors (RHN/CDN) to resolve this issue. For reference, on a RHEL 6.4 Beta VM with access to the 6.4 Beta channel in RHN/CDN, I was able to successfully install openstack-nova w/ the libguestfs and openssh-clients dependencies. Thanks! Perry From anu.bhaskar.babu at accenture.com Fri Dec 28 06:14:51 2012 From: anu.bhaskar.babu at accenture.com (anu.bhaskar.babu at accenture.com) Date: Fri, 28 Dec 2012 06:14:51 +0000 Subject: [rhos-list] Dependency issue while installing openstack (nova) preview in rhel6.4 In-Reply-To: <50DC8A8C.8040401@redhat.com> References: <50DC8A8C.8040401@redhat.com> Message-ID: Thanks Perry, I was able to install nova once I enabled beta channel subscriptions. -- Regards, Anu Bhaskar Accenture Technology Consulting Tel: +91.80.431.56585 -----Original Message----- From: Perry Myers [mailto:pmyers at redhat.com] Sent: Thursday, December 27, 2012 11:21 PM To: Babu, Anu Bhaskar Cc: rhos-list at redhat.com Subject: Re: [rhos-list] Dependency issue while installing openstack (nova) preview in rhel6.4 On 12/27/2012 05:50 AM, anu.bhaskar.babu at accenture.com wrote: > Hi, > > We are getting below dependency error while trying to install nova component of Redhat openstack preview. Please help > > OS Version: Red Hat Enterprise Linux Server release 6.4 Beta (Santiago) > > > Error message: > > --> Processing Dependency: openssh = 5.3p1-81.el6_3 for package: openssh-clients-5.3p1-81.el6_3.x86_64 > --> Processing Dependency: /usr/lib64/libkdb5.so.5 for package: 1:libguestfs-1.16.19-1.el6.x86_64 > --> Finished Dependency Resolution > Error: Package: 1:libguestfs-1.16.19-1.el6.x86_64 (rhel-x86_64-server-6) > Requires: /usr/lib64/libkdb5.so.5 .19 is from RHEL 6.3.z repos. RHEL 6.4 beta has .32 for libguestfs > Error: Package: openssh-clients-5.3p1-81.el6_3.x86_64 (rhel-x86_64-server-6) > Requires: openssh = 5.3p1-81.el6_3 > > > [root at rhopenstack ~]# rpm -qa | grep openssh > openssh-5.3p1-83.el6.x86_64 > openssh-server-5.3p1-83.el6.x86_64 -83 is from the RHEL 6.4 Beta. -81 is from the RHEL 6.3.z updates stream. So it looks like openssh-clients -81 is being installed, which of course requires the same exact version of openssh and openssh-server This makes me think that you currently have RHEL 6.4 beta packages installed, but you do not currently have access to a RHEL 6.4 beta package repository and instead are only able to pull new packages from the RHEL 6.3 repos > [root at rhopenstack ~]# rpm -qa | grep krb > krb5-libs-1.10.3-6.el6.x86_64 > [root at rhopenstack ~]# Can you provide the output of: yum repolist subscription-manager list --installed And the contents of /etc/yum.repos.d/redhat.repo I think from the above it's likely that you just need to enable access to the RHEL 6.4 beta content mirrors (RHN/CDN) to resolve this issue. For reference, on a RHEL 6.4 Beta VM with access to the 6.4 Beta channel in RHN/CDN, I was able to successfully install openstack-nova w/ the libguestfs and openssh-clients dependencies. Thanks! Perry This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. ______________________________________________________________________________________ www.accenture.com