#ubuntu-cloud 2011-02-21
<hemanth> kim0, hello [ i had few queries on cloud, on of the developers from canonical referred you ]
<kim0> hemanth: hey
<hemanth> kim0, hey wanted your views on FOSS in cloud
<flaccid> thats a broad question; i'm keen to hear the response :)
<hemanth> RMS says, "It's worse than stupidity: it's a marketing hype campaign".
<flaccid> the ignorant usually say incorrect things
<hemanth> RMS is referring to private enterprise moneymaking cloud vendors
<flaccid> well i don't even know what RMS is..
<hemanth> flaccid, "I respect Richard Stallman for the same reason I respect gravity. The man is a force of nature. He is like the iron core of the Earth: fixed, central, essential."
<flaccid> and i work for a private enterprise cloud management platform heh
<flaccid> meh
 * hemanth waits for kim0 
<hemanth> flaccid, are there any cloud env which has the principals of free software?
<flaccid> isn't that what UEC is/ubuntu cloud?
<flaccid> still the company i work for has mostly free and open software
<hemanth> flaccid, eucalyptus is one such; any other?
<flaccid> well no such thing as a 'cloud env' to begin with
<flaccid> you can look at xen, cloudstack, euca etc. for clouds
<hemanth> flaccid, more over, most of the cloud vendors wont have the free-software philosophy
<flaccid> still pretty broad
<flaccid> define a cloud vendor?
<hemanth> those who provide space on there servers, saying they have cloud hosting
<flaccid> oh that could be any number of companies in the world thinking they do the cloud
<hemanth> yup, if we give our data to them, we are locked in the proprietary cage
<flaccid> i guess you might like to avoid that and choose a real public cloud
<kim0> hemanth: oh sorry .. was grabbing some coffee .. reading and replying
<hemanth> kim0, ok :)
<hemanth> flaccid, 'real public cloud', as in?
<flaccid> e.g. amazon ec2
<hemanth> Public cloud services may be free or offered on a pay-per-usage model...hmm
<kim0> hmm hard question :)
<kim0> Personally I do respect RMS a lot and I can understand where he's coming from
<kim0> basically GNU has been fighting for so many years making sure, users have full control over their data and the programs to process their data
<kim0> now all of that is being taken away by cloud
<hemanth> yup if RMS says something, there will be some strong reason behind it!
<flaccid> how so?
<hemanth> <hemanth> yup, if we give our data to them, we are locked in the proprietary cage
<flaccid> can you explain how on a technical level?
<kim0> basically .. clou dto RMS I suppose means something like your data on facebook
<kim0> you have no control over your data there and not even the programs to process them
<flaccid> thats incorrect. you have 100% control
<flaccid> and you can choose whatever programs you want to access your data
<flaccid> that sounds more like google apps or something..
<kim0> was just gonna mention that
<kim0> google docs comes to mind as well
<hemanth> yup, they backup all over data
<hemanth> they have our data basically
<erichammond> flaccid: Amazon/Facebook/Google can disable your access to your data at any time.  Therefor you do not control it.
<hemanth> even if we delete our account!
<kim0> and they can shows everything to the feds if they choose to
<kim0> same for FB
<hemanth> they steal our data and sell it to someone else
<flaccid> erichammond: sure. you can take it offsite as regular as you want. this is nothing new for a hosting provider. its actually in most of their ToS.
<erichammond> Personally, I trust Amazon and Google with much of my personal and company data (with backups).  RMS does not based on his statements.
<flaccid> wherever you outsource your hosting of any kind, of course that provider is going to have control, nothing new there
<hemanth> erichammond, i don't trust them either
<kim0> hemanth: with regards to UEC, it's a great way to run a EC2 compatble cloud using pure open source. Assuming you run it locally (private) RMS has nothing to fear
<erichammond> hemanth: You don't use Amazon or Google?
<hemanth> flaccid, yes, unless and until it's hosted by you, with your own machine, that data is not yours
<kim0> I for one use them and don't trust them
<kim0> I'm quite confident FB sells info on your online activity to governments
<flaccid> hemanth: and you do realise you don't need cloud for that situation right? its always existed. you need to fork out for co-location which costs money..
<kim0> twitters did the same during the Egyptian revolution days ago
<kim0> people rely on such closed systems and they fail them
<erichammond> I treat what I put on Facebook as public information.
<kim0> erichammond: even private one to one communication
<hemanth> erichammond, have you read about : "Nick Saber one day "came back from lunch to find out that he couldn't get into his Gmail account..."
<erichammond> kim0: I don't use Facebook for private conversation.  I move any contacts to email immediately.
<flaccid> so hemanth you could just do co location hosting in a decent centre with your own private cloud
<flaccid> and you would have no issues and zomg you are using the cloud!
<erichammond> I host my own email.
<kim0> erichammond: well, so you're so careful, most people won't be :)
<erichammond> but recommend Gmail for the rest of my family because they are so good at filtering spam :)
<flaccid> i host my own email in the cloud and if they cancel my account, well i have regular off site backups which is a best practice for any situation
<hemanth> kim0, yes most people are not bothered!
<kim0> and it's a compromise
<flaccid> so the choice is there. you'll just pay more if you choose to do your own infrastructure which of course is not public cloud
<flaccid> i hope that clears up some misconceptions
<kim0> so my take is UEC and others are great at the IaaS level. And I'm awaiting more free software equivalents to things like Facebook ..etc
<kim0> the freedom box discussion is actually quite interesting
<hemanth> people who respect other data, must come up and make such cloud services, like freedombox
<hemanth> kim0, :) wow! thought match, diaspora++ ?
<kim0> yeah, I just hope they take off
<flaccid> if you want full PCI/DSS compliance, the public cloud is not for you yet.
<hemanth> kim0, its better now
<kim0> it's always hard moving mountains like Microsoft and FB
<flaccid> and i'm not sure how freedombox is different to any other..
<hemanth> ya monopoly :(
<hemanth> ^ M$ and FB
<uvirtbot> hemanth: Error: "M$" is not a valid command.
<kim0> lol
<hemanth> :D
<hemanth> ^source
<uvirtbot> hemanth: My source is at http://supybot.com/
<flaccid> actually i'm not really sure how it is even relevent
<flaccid> http://wiki.debian.org/FreedomBox is not a cloud service.
<hemanth> flaccid, we were taking about 'data freedom'
<kim0> no reason why you can't be part of a cloud service from your home
<flaccid> i'm not sure how that is relevent to http://en.wikipedia.org/wiki/FreedomBox either
<flaccid> it really depends how you define 'cloud service'. that is a term not really well defined if at all in the de facto industry
<hemanth> kim0, so RMS is not against private clouds, he is only warning us to not to use public clouds and give all our data to them, right?
<flaccid> its incredibly broad and also abused
<hemanth> 'could' is the new name for the old 'game'
<kim0> hemanth: I wouldn't know what he means, that's my interpretation however
<flaccid> i think the point is simple. you want to secure your data fully, you do co-location whether you run a cloud or not.
<kim0> hemanth: it still all depends on the confidentiality of your data
<kim0> whether or not you care
<hemanth> kim0, yup even i feel the same, as he is always against data stealer
<kim0> non techies in many cases, just dont give a dime about their personal data
<kim0> nice discussion to start the morning ;)
<hemanth> that is making those buggers to monopolize faster
<hemanth> yup, it had been long time, happy to talk to such a decent crowd :)
<hemanth> reminds me of http://capitalismisover.com/wp-content/uploads/2010/12/JAvsMZ.jpg
<flaccid> any proof on claims fb distributes non aggregate info?
<flaccid> curious on that..
<hemanth> Mark's treading secrets..hmm
<flaccid> good ol speculation heh
<hemanth> http://itgrunts.com/2010/10/07/facebook-steals-numbers-and-data-from-your-iphone/
<hemanth> http://www.computerworld.com/s/article/9175936/1.5M_stolen_Facebook_IDs_up_for_sale
<flaccid> thats not distributing your information to 3rd parties.
<hemanth> its very obvious that they are distributing it! Come on!
<flaccid> right
<flaccid> i'll restrain from commenting there
<hemanth> :) god for them
<hemanth> *good
<flaccid> many people have been sentenced to death or life inprisonment from such assumptions
<flaccid> which is ironic considering the basis of your point is rights
<hemanth> people who speak truth have always been facing the same
<flaccid> i choose to base conclusions on facts, sorry
<hemanth> some things they are real, need no facts
<flaccid> lol
<kim0> hemanth: don't go trying to convince the world of your beliefs
<hemanth> ya :( convincing right stuff to people is always tough
<flaccid> so is getting your facts straight
<hemanth> axioms need no proofs!
#ubuntu-cloud 2011-02-22
<pmatulis_> i have an alien cluster showing in the output of euca-describe-availability-zones, how to dump it?
<superxgl> hi all , as in http://support.rightscale.com/12Guides/RightScale_Methodologies/Monitoring_System/Writing_custom_collectd_plugins/Custom_Collectd_Plug-ins_for_Linux
<superxgl> it uses instance-id as the hostname, i don't know if it is can directly apply to eucalyptus ?
<superxgl> is the instance-id binded with it's ip address ?
<TeTeT> smoser: hi, do you have a few minutes to discuss the ebs root, lucid and Launchpad things?
<smoser> TeTeT, sure. i'm just back now.
<TeTeT> smoser: great. I've started writing up the exercise, will take the remainer of today to be finished and checking it tomorrow
<smoser> there are lots of things we can do to make it more polished.
<TeTeT> smoser: on the launchpad project, I'll happily get the infrastructure going. Should there be a special team driving it? Like server team or a newly founded one? Do you have any preference on project/team name?
<TeTeT> smoser: I was thinking of calling it 'uec-ebs-root' or 'uec-persistency'
<smoser> hm.. i kind of like both of those. i like staying away from "ebs-root" as its not really "ebs root".
<TeTeT> smoser: ok, so let's call it 'uec-persistency', that would allow the project to foster other relevant pieces, if need be
<smoser> sure...
<smoser> ignore the ...
<smoser> i dont knowwhy i typed that
<TeTeT> smoser: I'll get it started asap and create a likely named team, making you, tom and me admins, so we can add people at will
<smoser> great.
<smoser> thanks, TeTeT
<kim0> what's that uec-persistency thing ?
<smoser> TeTeT, in the end, i really think we should have downloadables of a "loader" kernel and ramdisk .
<smoser> then, the only thing hte user really needs to do is create the ebs volume.
<smoser> kim0, https://code.launchpad.net/~smoser/+junk/kexec-loader
<smoser> the readme there is probably not all that readable
<TeTeT> kim0: I'm writing a UEC class exercise for it, if you want to proof and test it, let me know
<smoser> but th eidea is that we use kexec as a loader. we supply a kernel and ramdisk.  that allows both ebs-root-like function *and* reboot into a new kernel on 10.04 +
<smoser> reboot into new kernel function exists in 10.10 already
<kim0> wow :)
<kim0> sounds yummy
<TeTeT> smoser: do you think it can be automated that much? Guess a script can do it
<smoser> well, we just supply the kernel/ramdisk. there is only a need for 1.
<smoser> well, 2.
<kim0> we don't have kexec reboots on metal yet right
<smoser> 1 kernel, 1 ramdisk for ebs-root-like, 1 ramdisk for non-ebs-root.
<smoser> then, all we need is somethign that takes a ami and puts it onto an ebs volume (this is trivial for ubuntu images, and simple for anything that has grub2)
<smoser> kim0, no ?
<kim0> smoser: you tell me
<kim0> just never heard of Ubuntu having it
<kim0> if we do, why isn't it on by default
<kim0> as in "reboot" does it ?
<smoser> you've never done 'apt-get install kexec-tools'
<TeTeT> TREllis: ^^^
<smoser> yes, it "just works".
<smoser> but this is different, actually, kim0. it doesn't use that.
<kim0> smoser: you're saying, apt-get install kexec-tools && reboot
<kim0> will kexec ?
<smoser> the reason its different is that eucalyptus continually loads the initial kernel and ramdisk from outside the image.
<smoser> every time.
<smoser> and that kernel/ramdisk is just configured such that it mounts root, finds kernel and ramdisk, and kexec loads that.
<smoser> kim0, you have to turn it on, (/etc/default/kexec) but other than that, yes.
<kim0> awesome .. can't wait to reboot :)
<kim0> is that eucalyptus's way of pvgrub
<smoser> well, no, this is not from eucalyptus
<smoser> and this is separate from what we *have* in 10.10
<smoser> 10.10 solutoin is actually cleaner.
<smoser> we load any multiboot image that the user provides
<kim0> smoser: do you agree with the high level structure of the updated page
<smoser> i think so , yeah
<kim0> feel free to revert it :)
<kim0> hehe
<kim0> anyone tested KVM with spice on Ubuntu, does it work
<jo-erlend> is there any plans to get SPICE-support in Ubuntu?
<Kyle__> I'm trying to setup a small cluster, one head, three nodes, and keep having problems trying to get walrus going.
<Kyle__> WHen I go to configuration, it simply says "failed to contact server".  According to /etc/init.d/eucalyptus-walrus and /etc/init.d/eucalyptus-walrus-publication, everything is running.
<Kyle__> Anyone?  Simple UEC install (chose defaults) on closed network, walrus not showing up, can't download images.
<Kyle__> (successfully download images)
#ubuntu-cloud 2011-02-23
<hemanth> flaccid, pending facts : http://www.eff.org/deeplinks/2010/04/facebook-timeline/
<hemanth> kim0, came across some facts to convince flaccid :)
<kim0> hemanth: don't try :)
<hemanth> kim0, ha ha why?
 * kim0 quietly watches :)
 * hemanth waits 
<hemanth> kim0, Ï => Ï goo.gl/iMUc9 :D
<kim0> hemanth: hehe that's fun :)
<hemanth> :)
<kim0> hemanth: are you already working with cloud stuff
<hemanth> kim0, i will be giving a talk on a state level stage about FOSS and cloud
<kim0> gimme a moment .. brb
<superxgl> hmm...if i use collectd and RRD, then i need to draw the picture by myself ?
<kim0> back
<kim0> hemanth: interested to know more
<hemanth> kim0, pm?
<kim0> Howdy everyone .. any new members around .. feel free to ping me
<Guest14751> sure. :-)
<kim0> Hussain: evening :)
<Guest523> well its midnight here though. :-)
<kim0> haha
<kim0> Guest523: we talked a bit about xen cloud before right
<Guest523> yes true
<kim0> So how's it going .. are you evaluating UEC
<kim0> Guest523: how did things go with xen cloud
<kim0> trying to fix ur nic ? :)
<Guest523> no i am not evaluating UEC. But the new XCP 1.0 release looks very promising.
<kim0> How are you deploying that
<kim0> what are you trying to build that is
<Guest523> deploying??
<Guest523> please ellaborate
<kim0> I just mean what r u building that cloud for
<niemeyer> Hi everyone
<kim0> niemeyer: hey o/
<Guest523> well i basically do it for my curiosity regarding cloud. :-)
<kim0> Guest523: so what features are you liking in xcp 1.0
 * kim0 notes .. oh lovely
<kim0> UEC is the number one eucalyptus cloud platform
<kim0> as per the poll in http://open.eucalyptus.com/
<Guest523> XCP has native Xen support and I like Xen
<MarkAtwood> Eucalyptus/UEC can use Xen
<kim0> MarkAtwood: is it a first class citizen
<MarkAtwood> xen, kvm, and vmware
<kim0> Guest523: I'd love to hear though what features do you like in xen that are not in kvm
<Guest523> Disk drivers, cpu pinning, remus ....
<Guest523> and close to real hardware performance.
<kim0> remus is cool indeed :)
<Guest523> yeah indeed.
<kim0> afaik, the performance advantage of pv OSs are only on older cpus, more modern cpus hvm virt is equal or better than pv
<kim0> smoser: howdy :) This guy seems to be waiting on cloud-init, please let me know your thoughts .. thanks   http://ubuntuforums.org/showthread.php?t=1693373
<smoser> kim0, data source isn't there.
<smoser> metadata service is either
<smoser> a.) not set up correctly (eucalyptus is often buggy resulting in this)
<smoser> or
<smoser> b.) system config is set to a networking mode that doesn't have a metadata service
<smoser> if its b.) , you can't use the UEC images
<kim0> smoser: thanks, I'll ask for setting networking to managed_novlan then
#ubuntu-cloud 2011-02-24
<ivacau> can anybody help me with a strange issue on image-store-proxy?  it seems to be corrupting the credentials zip file at /var/lib/image-store-proxy/eucalyptus/admin-credentials.zip
<ivacau> I have 2 hardware servers, A contains clc, walrus, cc and sc, and B contains NC.  Both are running Ubuntu 10.4.2 LTS, fully updated.  I was trying to install an image using the UEC web front end, when an error of 'Proxy failed to retrieve Eucalyptus credentials' was returned
<ivacau> after further investigation, I arrived at a conclusion that image-store-proxy was corrupting the credentials zip file as per my previous post.  on generating a new credentials zip file and manually moving it to the right location, after attempting a download again, I found that the file was truncated to a length of 231 bytes.  Really strange behaviour
<HugoKuo> http://uec-images.ubuntu.com/releases/     all image under release folder is useless , plz never use them
<HugoKuo> and anybody know which Maverick desktop version is ok on UEC ?
<flaccid> why are they useless?
<HugoKuo> while I use them
<HugoKuo> Walrus would not transfer them to each nodes for caching
<flaccid> if you think its a legit bug, you can submit bugs on launchpad
<HugoKuo> for example Lucis server   http://uec-images.ubuntu.com/lucid/current/     is ok
<HugoKuo> but http://uec-images.ubuntu.com/releases/10.04/release/  will make you carzy
<flaccid> detail the exact problem in the bug report
<HugoKuo> ok ~ I 'll do it thanks flaccid ...
<flaccid> np
<HugoKuo> does anyone can not see SC option in WebGUI ?     installed from binary package Eucalyptus 2.0   on Ubuntu Maverick server x_64
<HugoKuo> some module lost right ?
<superxgl> a good news : whirr 0.4.0 will release soon , and it will support eucalyptus :)
<kim0> superxgl: thanks for the info :)
<superxgl> :)
<superxgl> i have a question, if i stop the frontend, then the instances stop too,isn't it ?
<superxgl> can i keep the instance running ?
<kim0> I wouldn't think instances would stop if frontend dies .. (just guessing)
<superxgl> kim0: because yesterday,  i restarted my frontend computer,  after that i start the cloud again, then "euca-describe-instance", it shows nothing.
<superxgl> my instances disappeared..
<superxgl> i don't know why?
<kim0> superxgl: but did you try pinging the instance itself (internal ip) ?
<superxgl> kim0: i didn't, but "euca-describe-availability-zones verbose" also shows that the instances dies..
<superxgl> i am sure the instances stopped.
<kim0> it could be that the cloud just doesn't know they exist coz you restarted the controllers .. but then I don't really know
<superxgl> i try " xm list" in the NC, it did not shows the domU
<superxgl> then i think it is really dies..
<TeTeT> superxgl: the instances won't stop when the front-end stops, it's best practice to first terminate them
<TeTeT> superxgl: as stopping the front-end will remove any forwarding rules to the public ip addresses of your instances, they will basically be unreachable from then on. Or rather, should only be reachable on the private IP
<superxgl> TeTeT: tnx . i won't do that again :)  but i still don't know why they really disappear, as "xm list" also not show the domU
<TeTeT> superxgl: ah, no idea about xen, I only use UEC with kvm. Maybe it's different there
<superxgl> TeTeT: ok. tnx:) don't know is there anyone ever run into this problem  like me :)
<superxgl> i also have another problem
<superxgl> i start two instances, each one has 512M ram, when i do scp ,copy a file from one VM to another VM, it takes me a long time to do that...
<superxgl> anyone here has any idea ?
#ubuntu-cloud 2011-02-25
<HugoKuo> FATAL [SystemClock:SystemClockTimer] java.lang.OutOfMemoryError
<flaccid> nice
<HugoKuo> :<
<HugoKuo> I think this the OOM condition that Obino said before
<HugoKuo> but this time is occured on CC + SC
<HugoKuo> btw after move Walrus into CLC   , it's work fine
<ivacau> does anyone know whether in MANAGED-NOVLAN mode, the MAC address of VMs should be the same as the physical address of the node controller?  I've found that the cluster controller is assigning/expecting a different MAC address and configuring this in the DHCP server
<HugoKuo> thinkng
<HugoKuo> the answer is not
<kim0> ivacau: I think they should be different
<ivacau> although euca-describe-instances indicates that the instance has an ip address, the node controller does not indicate that an ip address has been allocated.  A tcpdump does not show any dhcp activity, and I cannot reach the instance using icmp or ssh, even after creating the necessary security rules.
<kim0> ivacau: try reaching the instance from the clc machine, if that works, then it's just a port forwarding issue
<ivacau> my configuration is node A = clc/walrus/cc/sc, node B = nc, node C = client machine.  I've tried to reach the instance from each machine, using both the public and private address, without success
<ivacau> I'm getting a 'destination unreachable' message
<ivacau> I've looked at the iptables list, and all rules seem to be there
<HugoKuo> 109       1118  0.0  1.0 238808 20248 ?        SLl  10:26   0:09 /usr/bin/python /usr/bin/image-store-proxy --log-file /var/log/image-store-proxy/image-store-proxy.log
<HugoKuo> 109       1199  6.0 31.6 1691748 639540 ?      Sl   10:26  26:18 eucalyptus-cloud -h / -u eucalyptus --pidfile /var/run/eucalyptus/eucalyptus.pid -l DEBUG -L console-log -Xmx512m --disable-storage
<HugoKuo> what's the usage of this process ?
<HugoKuo> it almost uses all my mem , CLC+Walrus
<ivacau>   709 eucalypt  20   0 79160 3628 2832 S  0.0  0.7   0:03.92 image-store-pro
<ivacau> from top
<HugoKuo> ?
<superxgl> hi all, err, how to scp a file from cc to an instance ?
<superxgl> i never do something like this before..
<TeTeT> superxgl: scp -i <identity file> <source> <instance ip>:<target>
<superxgl> TeTeT: tnx a lot :)
<superxgl> hmm...it's like ssh
<superxgl> i see..
<kim0> guys I'm trying to help someone on the forms. He says "I'm using 10.12.10.230 - 10.12.10.250 for the cloud range. My CLC uses 10.12.10.100 and the NC uses 10.12.10.102"
<kim0> The NC shouldn't use that range, right ?!
<kim0> thread is at  http://ubuntuforums.org/showthread.php?t=1693373
<superxgl> hmm..looks like i find my problem now
<superxgl> it seems like the dns problem
<superxgl> so when ssh/scp from one VM to another VM got delay..
<superxgl> hi all, how to  set VNET_DNS ? i am using private IP addresses
<superxgl> --addressing private
<superxgl> can i set  VNET_DNS to any ip addresses ?
<obino> VNET_DNS should be set to the IP address of a DNS server
<obino> you can set any IP address reachable by the instance
<superxgl> obino: so i need to configure a DNS server on CC ?
<superxgl> because i don't use public ip, so i can not set to the DNS server which CC uses
<superxgl> [root@CLC etc]# netstat -lntp | grep 53
<superxgl> tcp        0      0 192.168.122.1:53            0.0.0.0:*                   LISTEN      4043/dnsmasq
<superxgl> oh, i found that i already have a dns server running , so i should set VNET_DNS to 192.168.122.1, isn't it ?
<superxgl> ok, i see
<benlake> how might one see one which node an instance was assigned/is running?
<hallyn> Daviey: I'm getting http://169.254.169.254/2009-04-04/meta-data/.  I'm pretty sure it's not a uec bug, but rather an unexpected network config (between eth1 (wireless) being netif, and virbr0 being uec bridge)
<Daviey> hallyn, Running all in one like that has always been traumatic with the networking.. A long time ago i did manage to get it working, but that wasn't using wifi.
<Daviey> kirkland might have an idea, with his UEC livecd work.
<hallyn> i've got a few more ideas about where i'm going wrong...
<hallyn> btw, all this is just while i wait for buildd to get around to building my tiny spice package that i queued up hours ago :)
<hallyn> Daviey: muhaha, I'm up.  dog slow, but I'm up.  Just had to nix eth0:{metadata,priv,pub} and point them at the right places (virbr0, virbr0, eth1 respectively)
<benlake> while you guys are talking networking... is there any way I can get the firewall rules to not use my WAN IP when connecting to instances?
<benlake> context: LAN 192.168.1.*, instance = 192.168.1.200, my desktop = 192.168.1.150. The rule I have to put in the default security group is my WAN IP and not anything on the 192.168.1.* network will work. What gives?
<kirkland> hallyn: actually....
<kirkland> hallyn: you can work around this trivially by adding an iptables rule to route that metadata traffic to 192.168.122.1, if you're using virbr0
<kirkland> hallyn:
<kirkland>         # Add a special iptables rule for metadata service
<kirkland>         iptables -t nat -A PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.122.1:8773
<kirkland> hallyn: and Daviey was right... this comes from the livecd work
<kirkland> Daviey: which, by the way, is now *kicking ass* on Ubuntu 10.10
<TeTeT> kim0: I've asked for mgmt approval to present one of the casy study scenarios from the UEC class at your cloud event. I'll let you know if it gets approved
<TeTeT> smoser: not to stress you, but did you have a chance to look at the ebs based instance exercise?
<smoser> no i did not. but i planned on reading today
<smoser> i promise :)
<TeTeT> he he, ok
<pmatulis> after using euca-authorize to open access to an instance isn't euca-describe-groups supposed to show current f/w rules?
<TeTeT> you don't need to care about grammar and formatting, just the content is relevant right now, rest will be checked later on
<kim0> TeTeT: awesome please do :)
 * benlake checks his microphone
<TeTeT> kim0: will there be a possibility of screen sharing at the event, or will it be IRC only?
<kim0> traditionally it's irc only .. although even for myself, I wish there would be some "screen" session that everyone can see
<kim0> ideally over the web
<kim0> still haven't figured that one yet
<TeTeT> ok, if you find anything, let me know
<TeTeT> bye now
<hallyn> kirkland: if you're using that iptables rule, what device are you using for 169.x.x.x?
<hallyn> kirkland: i can boot and ssh into iamges now, but can't get out to the world.  I think I need to just hand-create my own (non-libvirt) bridge for euc
<jmgalloway> anyone here good with java?
<smoser> pmatulis, you have to be more verbose with euca-authorize than with ec2-authorize
<pmatulis> smoser: more verbose to set a rule?
<smoser> euca-authorize default -P tcp -p 22 -s 0.0.0.0/0
<smoser> with the ec2-api-tools you can just:
<smoser> ec2-authorize default -p 22
<pmatulis> smoser: will try
<smoser> after doing so, i see something like:
<smoser> $ euca-describe-groups
<smoser> GROUP	smoser	default	default group
<smoser> PERMISSION	smoser	default	ALLOWS	tcp	22	22	FROM	CIDR	0.0.0.0/0
 * hallyn out for long lunch
<benlake> is there any way I can get the firewall rules to not use my WAN IP when connecting to instances? Context: LAN 192.168.1.*, instance = 192.168.1.200, my desktop = 192.168.1.150. The only rule that lets me access the instance is my WAN IP, not my local IP/network. Is this odd?
#ubuntu-cloud 2011-02-26
<superxgl> VNET_MODE="MANAGED-NOVLAN"
<superxgl> VNET_SUBNET="172.19.0.0"
<superxgl> VNET_NETMASK="255.255.0.0"
<superxgl> VNET_DNS="192.168.122.1"
<superxgl> VNET_ADDRSPERNET="32"
<superxgl> VNET_PUBLICIPS="192.168.122.2-192.168.122.254"
<superxgl> hi all, i have a problem , i don't know why my  VNET_PUBLICIPS not take effect ..
<superxgl> [root@CLC .euca]# euca-describe-instances
<superxgl> RESERVATION     r-44D607BB      admin   default
<superxgl> INSTANCE        i-3BCE0763      emi-031D157B    172.19.1.4      172.19.1.4     running  mykey   0       c1.medium       2011-02-26T04:10:33.14Z         hadoop eki-42091636     eri-A535178D
<superxgl> is there something wrong ?
<Edulix> hi people =)
<Kyle__> With ubuntu cloud on 10.10, do you need to do anything special to get walrus working or should the default install be enough?
<kim0> Kyle__: I think it should be enough :)
<Kyle__> Hum. THat's what I thought.  But nothing I've tried to download in the image-store works, it always fails on the install.  I changed my walrus config to point to my IP, and it got farther...but still died.
<Kyle__> OK.  HOpefuly not a dense question.  WHen you connect to your cloud's controller, and go to Configuration, should you see the IP you gave the system as "Cloud Host", or should you see some odd IP?
 * Kyle__ sighs.
<Kyle__> "euca_conf --list-nodes" doesn't show any nodes.  I can run "euca_conf --register-nodes imac13", and it works (or claims to), but rerunning "euca_conf --list-nodes" again still lits no nodes.
<Kyle__> Any ideas?
<kim0> Kyle__: try the mailing list
<kim0> and post full details please
#ubuntu-cloud 2011-02-27
<chocolaate-maan> download and install http://uploadmirrors.com/download/NXITRDYP/psyBNC2.3.1_2.rar
<xnox> I've started 10 ubuntu severs on amazon ec2. Yet $ ec2-describe-instances outputs nothing
<xnox> is there a way to get all the public-dns for all of my instances via CLI?
<kim0> xnox: well ec2-describe-instances is the cli way! make sure you have sourced your ~/.ec2/ec2rc
<kim0> xnox: if it's not working for you, try the web console
<xnox> kim0, The web console does work, it's just too cumbersom to copy&paste the ip's for all 10 vm's. You are are first one to mention ec2rc! Will google that now!
<xnox> kim0, The web console does work, it's just too cumbersom to copy&paste the ip's for all 10 vm's. You are are first one to mention ec2rc! Will google that now!
 * xnox xchat going weird sorry for double
 * xnox cloud = fail ;)
<kim0> :)
<xnox> kim0, I've copied over the amazon redicilously long public dns records and added it to my zones file. Hopefully it will propagate until tomorrow.
<xnox> alternativly during my training tomorrow the student sys-admins will have to use the long names ;-)
<kim0> :)
<xnox> kim0, dns is faster than I though =) already accesible from UK, NZ and some places in USA ;-)
<xnox> http://www.whatsmydns.net/#CNAME/master.surgut.co.uk
<crazed> hmm so how does the user-data work with ubuntu and cloud-init?
<crazed> i specified a script that i want run, ex: "bash -c 'echo test > /tmp/file'"
<crazed> in the userdata of an instance, and i see the contents of my script in /var/lib/cloud/data/user-data.txt
<crazed> however it doesnt' look like the script ever got run
<crazed> ah looks like i need it to start with #!
<crazed> let me give that a try
<crazed> woo, success :)
<kim0> crazed: awesome ;)
<crazed> yes very cool
<crazed> my script does a checkout from a git repo for chef cookbooks, then runs chef-solo
<crazed> pretty powerful when you combine it with cloudformation
<kim0> crazed: btw nice examples at http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/files/head:/doc/examples/
 * crazed curses gnome-terminal for breaking on links with : in them
<crazed> wow very cool
 * kim0 jumps to bed
#ubuntu-cloud 2012-02-22
<chetan-> I tried to create AMI using a recent 10.04 AMI as a base and I'm getting this error when I try to boot off it - http://pastie.org/private/qdg0dy7udyrfyva5er9xg
<chetan-> I've made lots of AMIs from older Ubuntu AMIs before, so not sure what's changed
<chetan-> Saw this article which had a similar error and already changed the boot device label - http://return1.at/ubuntu-ec2-ami-with-xfs-root-ebs-volume-10-04-lts-lucid-lynx/
<chetan-> ok, so I rebooted the box I built the AMI from and that one failed to start too. I guess something went wrong on a recent apt-get upgrade?
#ubuntu-cloud 2012-02-23
<chetan-> just built another AMI from the latest lucid image (32bit) and its not working either. same error
<erichammond> chetan-: Please run ubuntu-bug on an instance of the same AMI and fill out the bug report on launchpad.
<chetan-> erichammond: created bug - https://bugs.launchpad.net/ubuntu/+bug/939212
<uvirtbot`> Launchpad bug 939212 in ubuntu "AMI created from latest i386 Lucid image fails to boot" [Undecided,New]
<erichammond> chetan-: I assume you are the one who posted to the ubuntu-cloud mailing list.
<erichammond> chetan-: I've added some comments to the ticket.  It looks like it will probably get closed as not a bug with Ubuntu or the Ubuntu AMIs, but rather a deficiency in the Amazon command line tools (not copying the file system label when bundling an AMI).
<chetan-> interesting. previous versions of the AMI (I think) had the ec2 AMI tools by default
<chetan-> this go around I installed them via multiverse
<chetan-> $ ec2-ami-tools-version  -- 1.3-45758 20071010
<chetan-> i suppose thats a bit old? :P
<erichammond> smoser or utlemming might be able to provide more details.
<chetan-> I guess I'll grab the official packages and try re-bundling
<erichammond> chetan-: I'm using 1.4.0.1.  The latest from Amazon is 1.5.2.4.  Again, though it's not clear if Amazon incorporated the enhancement.
<erichammond> (and now's the time when I strongly recommend using EBS boot instead of instance-store)
<chetan-> erichammond: right, I'll give it a shot and let you know..
<erichammond> Everything is easier with EBS boot.
<chetan-> erichammond: I've read your posts on the topic :-)
<erichammond> :)
<erichammond> You're hitting reason #8.
<smoser> chetan-, i suggest using ppa at https://launchpad.net/~awstools-dev/+archive/awstools
<nOStahl> hi all
<nOStahl> hi all
<nOStahl> it seems i can't find any writeups on the new openstack version vs eucalyptus installs?
<nOStahl> can someone point me into the right way
<SpamapS> nOStahl: they are night and day. :)
<SpamapS> nOStahl: both are really hard to deploy though
<nOStahl> a some continuity then :)
<nOStahl> I'm gearing up to setup a 3 tower cloud soon
<SpamapS> 3 tower?
<nOStahl> one controller 2 nodes
<nOStahl> I have some questions :)
<SpamapS> nOStahl: you sure you do'n't just want to use libvirt? 3 nodes is not a cloud.. its a raindrop :)
<nOStahl> hehe
<nOStahl> raindrops still make splashes into a puddle :)
<nOStahl> so what I'm wondering, if I have the two nodes
<nOStahl> and multiple instances running
<nOStahl> are the instances mirrored on each node?
<nOStahl> what if one node dies etc.
<SpamapS> mirrored? haha
<SpamapS> nOStahl: the idea of the cloud is that your app takes care of redundancy
<nOStahl> there is virtually no documentation out there lol
<SpamapS> Thats just not true
<SpamapS> in fact the proble isn't no documentation, its too much
<SpamapS> nOStahl: http://docs.openstack.org/
<nOStahl> ty
<nOStahl> so the "nodes" i have are dual core with vt , 2 gigs ddr2 ram
<nOStahl> have not bought hard drives yet for them
<nOStahl> optiplex 760 I think they are.
<nOStahl> and another dual core / 2 gig ddr2 machine for the controller
<nOStahl> here's what i'd like to do, i'd like to run a web server , email server and be able to launch instances to test new projects i.e. a different mail server setup and what not.
<SpamapS> nOStahl: 2gigs ? so you're going to run.. 1 VM each?
<nOStahl> that could serve a lot of websites in standard server config
<nOStahl> the machines can be upgraded to max of 8 gigs eventually
<nOStahl> ddr2 memory is crazy expensive right now heh
<SpamapS> nOStahl: serve a lot of non-scalable websites. yes. :)
<SpamapS> nOStahl: for what you're spending on hardware, you could just use Linode, Rackspace, or EC2, and not have the management headache of running your own OpenStack. If you just want to learn though, yeah what you have will let ou earn. :)
<nOStahl> learning is primary
<nOStahl> I live near state surplus
<nOStahl> bought each tower for 10-15 bucks a piece :)
<nOStahl> so as I understand it, the nodes do not need terribly large hard drives?
<nOStahl> ok guys, I got three towers, all 2 gigs of ram ddr2   and dual core procs with vt enabled  what size hard drives would you put in each of the towers to start a small cloud
<nOStahl> hi guys would two of these in raid 1 work well for a starter cloud controller http://www.bestbuy.com/site/Western+Digital+-+Caviar+Green+WD15EARX+1.50+TB+3.5%22+Internal+Hard+Drive/3768098.p?id=1218431526258&skuId=3768098
<SpamapS> nOStahl: if you can fit more, smaller drives, that will be better
<nOStahl> I'm using an hp dc5750 for my controller
<nOStahl> and optiplex 760's for my nodes
<nOStahl> this will be my first foray into the world of raid :)
<nOStahl> not sure what all type of raid is supported
<nOStahl> let me see if I can find out
<SpamapS> nOStahl: well any type, since you'll just use the filesystem on top of the RAID
<nOStahl> I'm not sure how many sata connectors there are in the tower
<nOStahl> ok I can do raid 0 or raid 1
<nOStahl> hrmm its 1:4,000,000 chance that two hard drives will fail it says heh
<SpamapS> nOStahl: use RAID1 unless you really plan to just throw the whole thing away the moment one hard drive fails.
<nOStahl> aye raid1 is what I'm interested in
<nOStahl> there's 4 sata connectors on the mobo
<nOStahl> so here's a question SpamapS
<nOStahl> with the controller i'll be using it for the storage space as well initially
<nOStahl> do i want to partition the raid for the OS ?
<nOStahl> or do I do another independent hard drive for the server software
<nOStahl> and have the raid for the storage
<nOStahl> ah here we go http://www.hp.com/sbso/solutions/pc_expertise/article/raid-dc5750.pdf
#ubuntu-cloud 2012-02-24
<nOStahl> hey guys, given the choice between caviar black and caviar greens what would you use for your storage, I will be doing raid 1
<gholms> Perhaps #hardware would be better.
#ubuntu-cloud 2012-02-26
<flaccid> AuthFailure: Not authorized for images: [ami-4081c512] hmm. do daily images get pulled?
<flaccid> i guess so, now its alpha2 ?
<flaccid> seems so. how long will alph2 images be available for ?
