/srv/irclogs.ubuntu.com/2011/02/09/#ubuntu-cloud.txt

erichammondwill do00:02
erichammondLet me know if you have any other questions or want me to give feedback on any content.00:02
kim0erichammond: Thanks man!00:06
kim0erichammond: drop me a line please if you update the ppa with the dependency .. Thanks00:06
* kim0 → /dev/bed00:09
jmgallowayanyone online?04:38
flaccidnope04:38
erichammondkim0:  ec2-consistent-snapshot 0.37 has been uploaded to the Alestic PPA for Lucid, Maverick, Natty.  It includes the dependency on libnet-amazon-ec2-perl and updated install documentation.07:37
erichammondAll that's needed to install it now is: sudo add-apt-repository ppa:alestic && apt-get update && sudo apt-get install ec2-consistent-snapshot07:40
kim0erichammond: awesome .. you're da man ;)07:55
erichammonder, sudo apt-get update08:48
=== daker_ is now known as daker
atretesHi all, I'm currently setting up a cloud base on 10.04 and I've downloaded a repackaged image from ubuntu uec but when I launch it into the cloud and attempt to ssh into it I get 'No route to host'?14:21
atretesHowever, I downloaded the 10.04 Lucid image from the Image Store and that image works fine with ssh etc. What could possibly be the problem?14:25
kim0atretes: did you publish the repackaged image using uec-publish-tarball ?14:36
atreteskim0: no I used the euca-bundle-image, euca-upload-bundle and euca-register14:38
kim0atretes: uec-publish-tarball is made to make this procedure easy and error free .. would you mind trying with it ?14:39
smoseratretes, pastebin euca-get-console-output <instance-id>14:39
smosersorry to jump in, kim0 , but want to see if there is anything obvious there.14:39
kim0sure .. you're da man ;)14:39
smoserno route to host likely means higher level eucalyptus issues, though, i fear14:39
kim0smoser: while working with a community fellow yesterday, I noticed a natty instance did not launch in eu-west. Unfortunately I don't know the exact AMI id, but what I'm asking is, do we have some auto-testing of all uploaded AMIs to make sure they can boot and be ssh'able ?14:41
kim0if not, that'd be a nice tool to write I guess14:41
smoserwe do not.14:41
smoseryes, we need much test.14:41
smoseri386 t1.micro is known broken in alpha214:42
* kim0 notes down14:42
smoserbut all others "should work"14:42
kim0indeed .. that was probably it14:42
smoserit does work on dailies now14:42
kim0and I thought alpha2 had more testing than dailies :)14:42
atretessmoser, http://pastebin.com/w8gv6Bh814:52
smoserwell, kim0 it did. i *knew* alpha2 didn't work on t1.micro i386.14:53
smoserif you asked me about yesterday's daily, i wouldn't have known for sure :)14:53
kim0atretes: hehe14:53
kim0sorry .. that was to smoser14:53
smoseratretes, where did you get this image ?14:53
smoserit would seem to me that it is a lucid image, and it is waiting on the availability of eth0.14:54
atretessmoser, I downloaded the tarball from http://uec-images.ubuntu.com/releases/lucid/release/ and then added the postgresql package to it by mounting the image via loop and then bundled it with euca2ools14:55
atretessmoser, might is be a udev issue?14:56
smoserhm...14:56
RobertLaptopI have a licensing question.  We are currently using ESXi and wanting to move a more cloud based structure but money is an issue there is no budget for the conversion.  I was looking at various cloud options and found a webnair on ubuntu-cloud but what I can't tell is if you have a CE version or a non-pay version?  Does anyone have an info on that?14:57
atretessmoser, I tried building my own kvm images from scratch and got the same issue but the image from the Ubuntu Image Store works with no problems14:57
smoseratretes, could you do me a favor and cut out the "added postgresql package" step ?14:57
smoserie, just take the iamge you downloaded, do not modify and test it14:57
smoservia the same bundle and upload that you did after you modified it14:57
kim0RobertLaptop: if you don't need support .. you're free to use Ubuntu server/cloud for free forever14:57
RobertLaptopkim0, Cool.  What about Landscape Dedicated Server is that true as well?14:59
atretessmoser, sure let me try14:59
kim0RobertLaptop: nope, afaik landscape only offers a free trial14:59
kim0RobertLaptop: I'm sure price wise, it would be quite competitive however compared to other options14:59
=== Kiall is now known as Kiall|AFK
kim0RobertLaptop: and you don't necessarily need it to manage UEC, although it does make things nicer15:00
RobertLaptopIs landscape a one time cost or a required subscription?  I am referring to the Dedicated Server not the hosted version.  Also does that mean all node servers have to be licensed as well?15:03
smoseratretes, but, in the end, i woudl recommend either uec-publish-tarball, or uec-publish-image (as kim0 suggested).  they're just much easier to work with IMO than euca-bundle-image, euca-upload-bundle, euca-register15:03
atretessmoser, yeah I will give that a bash too15:06
kim0RobertLaptop: I think you should contact Sales https://forms.canonical.com/sales/15:06
RobertLaptopkim0, I tried that a few months ago and never got a reply.  I guess I could retry.15:07
atretessmoser, Ok this sucks - I used the base 'untarnished' image that I downloaded and bundled is with the euca2ools, and ssh is working. So what could possibly have changed with my custom image?15:13
smoseri do suspect udev persistent network15:14
smoserbut don't really understand how you would have gotten those there.15:15
smoserhold on15:15
smoseratretes, do you have /etc/udev/rules.d/70-persistent-net.rules or /etc/udev/rules.d/z25_persistent-net.rules in the instance ?15:16
smosererr.. in your re-bundled image15:16
atretessmoser, well to get apt running in my mounted image I had to 'mount -bind /dev /tmp-mnt/dev'  and then chroot... that might've messed with things15:16
smoserdo you have those files there ? (/etc/udev)15:18
atretessmoser, well in the instance that is currently running it is 70-persistent-net.rules15:19
smoserwell, i suspect that that file has a mac addr in it that is different than your instance15:19
smoserie, your instance probably has eth1 and is sitting waiting forever for eth015:20
atretessmoser, and the same in the re-bundled image15:20
atretessmoser, hmmm yeah that would be a problem - so should I just remove is completely?15:21
smoseratretes, yes, remove that.15:21
smoserin your image, remove it, then re-register an ami, and try again15:22
smoseri relaly dont know what would have gotten that file there... i guesss somehow udev got started in your chroot ... and wrote that.15:22
smoseri'd not seen that before though15:22
atretessmoser, ok so I assume eucalyptus creates a new rule file when the image get instantiated with the generated mac?15:23
smoserno15:24
smosereucalyptus does not modify the image contents. (other than in the networking setups that do not have a metadata service, and then, they only insert .ssh/authorized_keys)15:24
atretesok15:25
smoserfwiw, i find it a serious bug for them to tinker inside the image contents.15:25
smoser(i would be pretty ticked off if my thinkpad bios decided it should read the filesystem and modify some things on my behalf)15:25
atretesI think so too15:25
atretesbut what confuses me is that if a ssh into the instance that is currently running it does contain a 70-persistent-net.rules file...15:26
atretessmoser, you are a legend - my image is working! thanks so much :)15:46
smoseratretes, it *should* have that file15:47
smoserthe instance should, but the image should not.15:47
atretessmoser, ah I understand15:47
smoserbug 341006 has more info15:48
uvirtbotLaunchpad bug 341006 in udev "ease cloning of virtual images by disabling mac address rules" [Wishlist,Fix released] https://launchpad.net/bugs/34100615:48
kim0erichammond: Pushed the cast, thanks for the help http://www.youtube.com/user/ubuntucloud#p/a/u/0/SPVqJWWiLVI16:18
atreteskim0, Very nice cast, does this work with eucalyptus?17:16
kim0atretes: um probably erichammond might know better17:17
kim0I guess it depends on the api compatibility level .. but generally should work I'd think17:17
atretesnice, I will check it out a bit further17:21
erichammondkim0, atretes: I've never used Eucalyptus/UEC and have no plans to as I'm happy to get out of the hardware maintenance business and let Amazon take care of it for me.18:01
Abd4llAping kim018:04
kim0Abd4llA: hey18:04
kim0How's it going18:04
Abd4llAfine, I've started implementing the EC2 AMI migration tool, saw u were looking for volunteers on ur blog18:05
kim0woohoo18:05
Abd4llAwas just gonna send a mail to mailing list18:05
kim0that sounds awesome18:05
kim0where can we check out the code18:05
Abd4llAhttps://code.launchpad.net/~abd4lla/+junk/ec2-ebs-migrate18:06
Abd4llAnothing fancy yet18:06
* kim0 clicking18:06
Abd4llAwas thinking to take some opinions and ask for help, the tool is not big though, but opinions at this point would be valuable18:06
kim0Abd4llA: Is this your first contribution to ubuntu18:07
Abd4llAfirst code contribution idd, I delivered a session previously in AppDev week18:08
* kim0 hugs Abd4llA 18:09
Abd4llAhehe18:09
Abd4llAso what do u think the plan should be?18:09
kim0Abd4llA: Ok, first of all ... Indeed I think you should send an email to the ubuntu-cloud list18:10
kim0so that others wanting to work on this tool can join forces18:10
kim0actually I'll probably try to hack on it a bit too18:10
kim0Other than that .. do you feel like you have concrete questions or parts you'd like help with ?18:10
Abd4llAnot really, but would be gr8 if someone from the servers guys did a quick review or something, as I said, opinions at this early stage are valuable18:12
Abd4llAspecially regarding the general implementation approach18:12
kim0aha18:12
kim0smoser is generally the man who'd know best about that tool ..18:12
kim0smoser would you be able to quickly check out the implementation approach18:14
kim0Abd4llA: well don't expect something realtime :) but it'll come18:14
kim0hang in here for a while if that's ok18:15
Abd4llAsure18:15
smoserAbd4llA, so, reading a bit, overall looks reaonsble. i like that you laid things out and documented what you're expecting to do18:17
smoserdef prepareDestinationVol(dstInstance, volumeSize):18:18
smoserreally, the ideal migrate of the instance involes copying the filesystem type and LABEL also.18:19
kim0I notice a couple of issues .. Do we always assume ext3 ? Do we always assume the ebs vol is not partitioned ?18:19
smoserand i would even suggest UUID.18:19
kim0are those reasonable assumptions ?18:19
smoserebs root volumes are not partitioned.  amazon/xen does tricks such that the root volume comes up when booted named /dev/sda118:19
smoser(xen is really wierd...actually, the device you're used to seeing as /dev/xvda1 or /dev/sda1 is not a partition, it is a funny named block device -- look in /sys and you'll see what i mean)18:20
smoserbut, no, you can't assume ext318:20
Abd4llAsmoser: yeah , would do that idd,18:21
Abd4llAkim0: I was thinking about detecting the fs, so far the only idea I've is using the "file" command18:21
smoserwe're cheating in some way by not copying the full volume. we're only copying the filesystem contents, which is good, but if you lose attributes of that filesystem, its bad.18:21
smoser:)18:21
kim0what about blkid18:22
kim0I hate running commands like so .. I wish Linux servers had a low level api :)18:22
smoseri recently did this for euca-bundle-vol and ec2-bundle-vol18:23
smoserand use blkid to get UUID and LABEL and TYPE18:23
Abd4llAok, good enough for me18:24
Abd4llAsmoser: are the kernel_ids avaible across regions ?18:25
smoseryou can see mkfs at http://bazaar.launchpad.net/~ubuntu-virt/ubuntu/natty/euca2ools/natty/view/head:/euca2ools/euca2ools/__init__.py if you're interested.18:25
smoseroh, good question.18:25
kim0consistent you mean ?18:25
smoserno.18:25
Abd4llAkim0: yes :)18:25
smoserfor migrating, what you'll have to do is fish through available kernels/ramdisks in the target region and try to match18:26
smoserfun, eh?18:26
Abd4llA:S18:26
kim0smoser: try to match based on ?18:26
smoserbased on manifest path18:26
Abd4llAI C18:26
smoserwhat i would suggest is first looking and seeing if there is a single match by owner-id and manifest-basename in the target region18:27
smoserif so, use it.18:27
smoserif there are no candidates matching basename, give up, require user to tell you18:27
smoserif there are more than 1 (and there will be for anything we've published), then you really get to fixh18:27
smoserfish18:27
smoserwe use a naming convention, we have different buckets, and you have to be careful to stay in the same "bucket basename".18:28
smoserour buckets are named18:28
smoseraccording to https://wiki.ubuntu.com/UEC/Images/NamingConvention18:28
smoserubuntu-kernels-us -> ubuntu-kernels-eu-west-1 -> ubuntu-kernels-ap-southeast-118:29
smoserbut we also have18:29
smoserubuntu-kernels-testing-us -> ubuntu-kernels-testing-ap-souteast-1 ...18:29
kim0can't we just download the kernel and re-register it on the other side18:30
kim0smoser: also with newish pvgrub images .. we don't need to do anything right?18:31
smoserwell, you still have to basename match18:32
smoseryou cannot download kernels, and only priviledged accounts can register on the other side18:32
kim0Abd4llA: how are you planning on establshing ssh keys across the 2 instances ?18:33
kim0for rsync'ing18:33
Abd4llAkim0: I plan to generate a key pair on a machine and then copy the key to other one18:35
kim0so you'd download it locally .. and upload to the other side18:37
kim0I guess we'd have to do it that way18:37
Abd4llAI'd just remotely cat it from one machine, and remotely write it to the file on the other one18:38
Abd4llAif u consider that *downloading*18:38
kim0Abd4llA: catloading is better :)18:39
Abd4llAsmoser: any suggestion regarding that point ?18:40
smoseri didn't follow it18:40
kim0copying ssh keys between the 2 sides18:40
smoseroh. i see. yeah, i think his solution is good.18:41
smoseryou could use cloud-config to add the ssh key to the instances18:41
kim0smoser: inst1 needs to ssh into inst2 .. neither have private keys .. so we'd need to generate them I guess18:42
smosercreate one locally, then, launch both instances such that they have that key (then you can even *use* that key to get to them)18:42
smoserthen you wouldn't have to muck around with '--key' in the launching of the instance18:42
smoserthat make sense ?18:42
kim0not to me .. I still think we *have* to generate18:43
kim0cloud-init puts public keys right ?18:43
Abd4llAI'm not full aware of cloud-init18:43
* Abd4llA googles18:43
kim0instance won't have a private key .. How can ubuntu@i1 ssh to ubuntu@i2 then ?18:43
smoserright, kim018:44
smoserhttp://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt18:44
smoserAbd4llA, thats what you're looking for.18:44
smoser * generate a new ssh private/public key18:44
smoser * launch both instances with 'ssh_authorized_keys'18:45
kim0aha18:45
smoser * connect to source instance, put private key in place (you can't do this from cloud-init, but you could do it with a runcmd or user-script)18:46
erichammondInfo on uploading an ssh key to ec2: http://alestic.com/2010/10/ec2-ssh-keys18:46
smoserat that point, src can talk to dest18:46
erichammondthough smoser's approach sounds simpler for this use.18:46
smosererichammond, yeah, that works.18:46
Abd4llAbut that'd add a dependency on cloud-init18:46
erichammondno need to involve EC2 account18:46
smoseri dont know if my use case is simpler or not.18:46
smoserAbd4llA, its a dependency on the utility instances.18:47
smoserthe end user doesn't give 2 hoots which instances you use to do this for them18:47
kim0erichammond: that uploads pub keys only right? no way to send over priv keys ?18:48
smoseri would suggest not requiring utility instance-ids to be input, but using either hard coded values, or values from http://uec-images.ubuntu.com/query (for known regions)18:48
erichammondkim0: Correct.  You are not giving EC2 access to your private keys, just the public side.18:48
smoserkim0, correct. you really don't ever want to give someone your private keys !18:48
smoserthat was one of the benefits of the "upload keypair" functionality18:48
* kim0 scratches head18:48
kim0if I'm only uploading pub keys to the 2 instances .. how can I expect them to ssh into one another18:49
smoserso, for erichammond's solutionj with upload-keypair to work, you'd still have to deal with getting the private key to source instance.18:49
smoseryou have to do that.18:49
smoserperiod18:49
Abd4llAhmm, maybe I'm not getting the full requirements, so this utility would be used by end users, but they'd use predefined ids provided by ubuntu18:49
smoserwhy not?18:49
kim0the utility instance could be ubuntu .. but the tool could be copying centos or windows18:50
erichammondWhat "ids"?18:50
kim0erichammond: the utility ami18:50
smoserthey have to 2 utility instances to write to EBS volumes.18:50
smoserhave to run 2 utility instances18:50
erichammondah, sure.  AMIs don't matter.18:50
kim0Windows .. I guess we can't really copy that yet :)18:50
smoseryou can't possibly expect that you can work with *any* 2 utility instance image ids18:50
smoserright ?18:50
smoserie, it can't be windows, it has to have ssh...18:50
kim0I mean the vol to be copied .. cant even be windows18:51
erichammonder, don't matter to the user.18:51
smoserright.18:51
Abd4llAyeah, I thought we'd just document the utility instance requirements18:51
kim0so it's Ubuntu instance copying any Linux18:51
Abd4llAbut ok, that works even better for me :)18:51
Abd4llAsmoser: one final Q, ubuntu instances have their apt repos configured per region, some blog post did a manual cleanup to the sources list of the AMI after migration18:54
kim0I wonder if there's some higher level tool than tar .. to copy (potential partitions, fs, label, uuid, data, acl, xattr...)18:54
Abd4llA*ubuntu AMIs18:54
smoserAbd4llA, you should not need to do that.18:55
Abd4llAI was considering offering the option to mount provide the end user with access to the AMI mounted under some directory and prompt him to do any manual cleanup18:55
smoser/etc/apt/sources.list is written on instance-first-boot with appropriate data.18:55
kim0nice18:56
Abd4llA:)18:56
Abd4llAnice18:56
smoserAbd4llA, you could allow for something like tha tthough.18:56
smoserit is possible that there are other things that someone would want to do.18:56
=== Kiall|AFK is now known as Kiall
smoseri'd suggest allowing the end user to input scripts to run, and execute those scripts on the utliity instance, passing them the path to the mount point, and possibly information like "region" or something.18:57
smoserbut thats getting fancy18:57
Abd4llAhehe :) , but yeah that's possible, maybe running the scripts in a chroot ?18:58
kim0smoser: do you think using some higher level tools (partimage ..etc) might make sense ?19:00
kim0we're still loosing acls, xattrs, selinux contexts ..etc right?19:00
kim0with tar that is19:00
smoseroh, i didn't see there was using tar19:01
smoserdont use tar19:01
smoser:)19:01
kim0hehe19:01
kim0actually I think it was rsync19:01
kim0I still wonder if it can copy those19:01
smoserrsync -aXHAS19:02
* kim0 nods19:03
smoseryou could optionally allow the user to specify volume-copy, which you'd just use 'dd'.19:03
kim0at which stage you would have done a full enterprise datacenter cloning utility :)19:03
Abd4llAdd over nc ?19:04
kim0I guess we'd wanna compress the ssh connection as well19:04
kim0ssh I'd think19:04
Abd4llAinteresting :)19:04
kim0cool19:04
kim0Abd4llA: great work man .. rock on19:04
Abd4llAthnx kim0 smoser19:05
kim0Abd4llA: ping me if you need any help .. if I don't know, I'll at least point you19:05
Abd4llAsure thing19:06
smoserAbd4llA, no problem. feel free to ping.19:06
smoseryou would probably do better to just to rsync -z, than to compress the ssh session.19:07
smoserhm..19:07
smoseri think it would work:19:07
smoserrsync -some-options-here -S /dev/sdg other-host:/dev/sdg19:07
smoserwoudl be better than dd as it woudln't send zeros, or write zeros19:08
* Abd4llA councling his big rsync man19:08
smoserthe -some-option- was because in that case you dont want it to copy the node, but the contents of the device. so -a isn't right idont think19:09
kim0that block mode is probably simpler to implement19:11
smoseryeah, i think you'd get it with no arguments.19:11
kim0smoser: thanks for all the help19:12
jwstasiakhey all - new to the cloud-init/config world. I'm running on an ec2 instance of maverick (ami: ami-cef405a7) and having a few problems: 1. I can't get ouput to send output to a file. 2. I haven't been able to turn off interactivity - installing sun-java6-bin looks like it's clobbering my apt packages. Any ideas?20:26
kim0jwstasiak: for silent java install .. you need something like http://mmcgrana.github.com/2010/07/install-java-ubuntu.html22:03
kim0jwstasiak: for redirecting logs to a file check user_setup in http://smoser.brickies.net/ubuntu/uec-seed/user-data22:04
kim0for a sample22:04
jwstasiakkim0: thanks - I had something similar in a user-data script I've been working on  - I was hoping there'd be a way to do it via cloud-config, but didn't see anyway of doing it after looking through the source (.5.15 ubuntu3)22:11
jwstasiakkim0: after poking around everything today, I think the user-data scrpt is prolly the way to go for now22:12

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!