You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Rohit Yadav <ro...@apache.org> on 2018/01/15 11:32:39 UTC
[VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Thanks all for your participation towards 4.11.0.0 RC1.
We've managed to discover and fix about 10 blocker fixes, I'll close RC1 voting now and cut RC2 shortly.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Frank Maximus <fr...@nuagenetworks.net>
Sent: Wednesday, January 24, 2018 2:08:40 PM
To: dev@cloudstack.apache.org
Cc: users
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I found and fixed an issue in cloudstack-agent logrotate.
https://issues.apache.org/jira/browse/CLOUDSTACK-10255
https://github.com/apache/cloudstack/pull/2429
IMHO it's feasible to include it in RC2.
As only the maven build is impacted by the change,
I see little risk.
Regards,
Frank
On Wed, Jan 24, 2018 at 1:31 PM Rohit Yadav <ro...@shapeblue.com>
wrote:
> All,
>
>
> We don't have any outstanding blocker PRs now.
>
>
> I could n't reproduce any regression wrt only VM-HA in RC1. By killing a
> HV host (and keep it that way, i.e. not rebooting it), HA enabled VMs did
> migrate to other hosts in a test I did.
>
>
> The only potential (blocker) issue seems to be a ldap related regression
> reported on users@ that Daan is looking into, which may or may not be a
> blocker but a configuration issue.
>
>
> Given, we're approaching the end of the week, it's likely we cut RC2 on
> Monday. Please continue testing RC1 in the meanwhile.
>
>
> Regards,
>
> Rohit Yadav
>
>
> ________________________________
> From: Nux! <nu...@li.nux.ro>
> Sent: Wednesday, January 24, 2018 9:29:21 AM
> To: users
> Cc: dev
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Paul,
>
> Ok, let me play some more with those tunings params, see if I can find a
> satisfactory combination and I'll withhold a -1 on this on the basis that
> I've just misunderstood the whole thing. :)
>
> Thanks
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
----- Original Message -----
> > From: "Paul Angus" <pa...@shapeblue.com>
> > To: "users" <us...@cloudstack.apache.org>
> > Cc: "dev" <de...@cloudstack.apache.org>
> > Sent: Tuesday, 23 January, 2018 19:55:01
> > Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> > Hey Nux,
> >
> > There is quite a bit of tuning you can do, to speed or slow CloudStack's
> > decision making, but we need to be sure that when we lose contact with a
> host
> > agent, that the VMs themselves really are dead. By default host-ha is
> set to
> > be super sure.
> >
> > There are various timeouts which can be configured to decide how long to
> wait
> > for a host to restart before deciding that it is not going to start as
> well as
> > how many times we should check for disk activity from the resident VMs
> of a
> > suspect host.
> >
> > The parameters are detailed here.
> > https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
> >
> > Honestly, the aim of Host HA was to fix the particular issue that you are
> > describing as we can't remember a time when it did work reliably.
> >
> >
> >
> > paul.angus@shapeblue.com
> > www.shapeblue.com<http://www.shapeblue.com>
> > 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> > @shapeblue
> >
> >
> >
> >
> > -----Original Message-----
> > From: Nux! [mailto:nux@li.nux.ro]
> > Sent: 23 January 2018 19:08
> > To: users <us...@cloudstack.apache.org>
> > Cc: dev <de...@cloudstack.apache.org>
> > Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >
> > Hi Paul,
> >
> > To be honest I do not remember when I last saw this, as I have not been
> testing
> > ACS in 2017.
> > You'd kill a HV, the VMs would pop up on another after a few minutes.
> >
> > Even with Host HA, the VMs remain down until the hypervisor is back up,
> > restarted by OOBM - however if that HV has suffered a HW fault and needs
> to be
> > removed, then those VM will be down for a long time ...
> >
> > Unless I got things quite wrong, (VM) HA - one of the big selling points
> of ACS
> > - is essentially broken?
> >
> > --
> > Sent from the Delta quadrant using Borg technology!
> >
> > Nux!
> > www.nux.ro
> >
> > ----- Original Message -----
> >> From: "Paul Angus" <pa...@shapeblue.com>
> >> To: "users" <us...@cloudstack.apache.org>, "dev"
> >> <de...@cloudstack.apache.org>
> >> Sent: Tuesday, 23 January, 2018 16:02:54
> >> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >
> >> Hi Nux,
> >>
> >> When have you seen the VMs on KVM behaving in the manner which you are
> >> expecting? I recall it didn’t work that way in the mid 4.5 versions
> >> (we found out the hard way in front of a customer) and it doesn't
> >> behave the way you are expecting 4.9 - I've just tested it.
> >>
> >> You need host-ha enabled to get reliable HA in the event of a host
> >> crash, that is why we developed the host ha feature.
> >>
> >> Kind regards,
> >>
> >> Paul Angus
> >>
> >> paul.angus@shapeblue.com
> >> www.shapeblue.com<http://www.shapeblue.com>
> >> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: Nux! [mailto:nux@li.nux.ro]
> >> Sent: 23 January 2018 15:06
> >> To: dev <de...@cloudstack.apache.org>
> >> Cc: users <us...@cloudstack.apache.org>
> >> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>
> >> Rohit,
> >>
> >> I'll also have to insist with the VM HA issue.
> >> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
> >>
> >> Lucian
> >>
> >> --
> >> Sent from the Delta quadrant using Borg technology!
> >>
> >> Nux!
> >> www.nux.ro
> >>
> >> ----- Original Message -----
> >>> From: "Rohit Yadav" <ro...@shapeblue.com>
> >>> To: "dev" <de...@cloudstack.apache.org>, "users"
> >>> <us...@cloudstack.apache.org>
> >>> Sent: Tuesday, 23 January, 2018 14:28:34
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>
> >>> All,
> >>>
> >>>
> >>> Given we've outstanding blockers and PRs in review/testing, I'll cut
> >>> RC2 only after we manage to get them reviewed, tested and merged.
> >>>
> >>>
> >>> The outstanding PRs considered for RC2 are:
> >>>
> >>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
> >>> for security groups)
> >>>
> >>> https://github.com/apache/cloudstack/pull/2419 (Password server
> >>> issue)
> >>>
> >>>
> >>> In addition we've following issues to receive fixes:
> >>>
> >>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
> >>>
> >>> - Dynamic roles upgrade fixes:
> >>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
> >>>
> >>>
> >>> Please share any other issues you've found, or I've missed. Thanks,
> >>> and continue testing RC1.
> >>>
> >>>
> >>> - Rohit
> >>>
> >>> <https://cloudstack.apache.org>
> >>>
> >>>
> >>>
> >>> ________________________________
> >>> From: Rohit Yadav <ro...@shapeblue.com>
> >>> Sent: Monday, January 22, 2018 11:18:27 AM
> >>> To: Paul Angus; users@cloudstack.apache.org;
> >>> dev@cloudstack.apache.org
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
> >>> had discussed this as a doc bug and so it must be documented part of
> >>> the 4.11 release notes as well.
> >>>
> >>>
> >>> There are two ways admin can migrate to dynamic roles post-upgrade:
> >>>
> >>>
> >>> 1. Enable dynamic.apichecker.enabled to true which will use the
> >>> default api mapping of rules from 4.8 commands.properties and
> >>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
> >>> Or,
> >>>
> >>> 2. The migration script is only useful where admins were not using
> >>> the default api rule mappings and they strictly want to
> >>> check/migrate each API. This approach requires admins to go through
> >>> new APIs and fix commands.properties before running the migration
> >>> scriopt (we've been sharing the new/change API list in release notes,
> for
> >>> example:
> >>>
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands
> ).
> >>> (for reference, doc:
> >>>
> >>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
> >>> e
> >>> n/latest/accounts.html#using-dynamic-roles)
> >>>
> >>>
> >>> Unlike the dynamic API checker, the static checker does not even
> >>> allow the root API to access all the APIs which is why post upgrade,
> >>> if the UI calls any API that is not allowed for the root admin (in
> >>> this case the quotaIsEnabled API) the UI will logout the user on API
> >>> unauthorized failure which is what happened.
> >>>
> >>>
> >>> So, we can discuss two fixes:
> >>>
> >>> - Like dynamic checker, let the static checker allow all APIs only to
> >>> the root admin (id=1) (I would not prefer to change the legacy
> >>> behaviour though)
> >>>
> >>> - During upgrade, if commands.properties is missing we set the global
> >>> setting to true, i.e. switch to dynamic roles (which would happen if
> >>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
> >>> they fail to copy the commands.properties file from /usr/share or /etc
> paths).
> >>>
> >>>
> >>> Thoughts?
> >>>
> >>>
> >>> - Rohit
> >>>
> >>> <https://cloudstack.apache.org>
> >>>
> >>>
> >>>
> >>> ________________________________
> >>>
> >>> rohit.yadav@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>>
> >>> rohit.yadav@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>> From: Paul Angus
> >>> Sent: Monday, January 22, 2018 9:24:25 AM
> >>> To: users@cloudstack.apache.org
> >>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
> >>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> If I've understood the issue correctly, "not being able to log in if
> upgrading
> >>> from 4.5" is a blocker in my book. I don't think that it should be
> the duty
> >>> of the Admin, to fix our oversights. Migration to the use of dynamic
> >>> roles is also broken as the command will be missing from
> >>> commands.properties in the first place, so the 'migrated' commands
> >>> will not be complete.
> >>>
> >>> As there will need to be an RC2, IMO this upgrade issue should be
> >>> fixed as part of it.
> >>>
> >>>
> >>>
> >>> Kind regards,
> >>>
> >>> Paul Angus
> >>>
> >>>
> >>> VP Technology
> >>> paul.angus@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>>
> >>>
> >>>
> >>>
> >>> -----Original Message-----
> >>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> >>> Sent: 22 January 2018 07:31
> >>> To: users@cloudstack.apache.org
> >>> Cc: Rohit Yadav <ro...@shapeblue.com>;
> >>> dev@cloudstack.apache.org; Daan Hoogland
> >>> <da...@shapeblue.com>
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> Hi Paul,
> >>> Migration script considers only what’s in the command.properties
> >>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
> >>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
> >>> take care of aligning this up. I’m also not big fan of having this
> >>> described in release notes, but would like to be included
> >>> automatically during upgrade. Main argument against it, its not a
> blocker.
> >>>
> >>> Bobby.
> >>>
> >>>
> >>> boris.stoyanov@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com>
> wrote:
> >>>>
> >>>> OK, just to confirm ‘we’ the community have basically deprecated the
> >>>> use of commands.properties?
> >>>>
> >>>> But for people upgrading from a version before dynamic roles, does
> >>>> the migration script take into account (or need to take into
> >>>> account) the ‘missing’
> >>>> quotaIsEnabled=15 parameter?
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> paul.angus@shapeblue.com
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>
> >>>>
> >>>>
> >>>> From: Rohit Yadav
> >>>> Sent: 19 January 2018 09:27
> >>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
> >>>> Paul Angus <pa...@shapeblue.com>
> >>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>
> >>>>
> >>>> Hi Bobby,
> >>>>
> >>>>
> >>>>
> >>>> Agree, it's not user-friendly which is why admins should migrate to
> >>>> the dynamic roles feature. But I'm not sure if this is a blocker and
> >>>> if an admin wants to stick to the old static (commands.properties)
> >>>> way, they need to manage changes themselves. We may add something to
> >>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
> >>>>
> >>>>
> >>>>
> >>>> - Rohit
> >>>>
> >>>>
> >>>>
> >>>> Software Architect
> >>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> ________________________________
> >>>> From: Boris Stoyanov
> >>>> <bo...@shapeblue.com>>
> >>>> Sent: Friday, January 19, 2018 2:51:32 PM
> >>>> To: users
> >>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>
> >>>> Hi Rohit,
> >>>>
> >>>> That doesn’t sound much user friendly what do you think? Can we look
> >>>> for a way to automate this dependency in the upgrade process?
> >>>>
> >>>> Bobby.
> >>>>
> >>>>
> >>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>
> >>>>
> >>>>
> >>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
> >>>>> <ro...@shapeblue.com>> wrote:
> >>>>>
> >>>>> Hi Bobby,
> >>>>>
> >>>>>
> >>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
> >>>>> how static checker with commands.properties work, admins will be
> >>>>> required to add/update new API/ACLs in the commands.properties file.
> >>>>>
> >>>>> Adding the following to commands.properties file and restarting
> >>>>> mgmt server fixes the issue:
> >>>>>
> >>>>> quotaIsEnabled=15
> >>>>>
> >>>>>
> >>>>> Please continue testing, thanks.
> >>>>>
> >>>>>
> >>>>> - Rohit
> >>>>>
> >>>>> <https://cloudstack.apache.org>
> >>>>>
> >>>>>
> >>>>>
> >>>>> ________________________________
> >>>>> From: Boris Stoyanov
> >>>>> <bo...@shapeblue.com>>
> >>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
> >>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>>
> >>>>> I think I’ve hit a blocker when upgrading to 4.11
> >>>>>
> >>>>> Here’s the jira id:
> >>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
> >>>>>
> >>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
> >>>>> got session expired immediately.
> >>>>>
> >>>>> Regards,
> >>>>> Boris Stoyanov
> >>>>>
> >>>>>
> >>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> >>>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> >>>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> >>>>> @shapeblue
> >>>>>
> >>>>>
> >>>>>
> >>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
> >>>>> <Mike.Tutkowski@netapp.com<mailto:Mike.Tutkowski@netapp.com<mailto:
> Mike.Tutkowski@netapp.com%3cmailto:Mike.Tutkowski@netapp.com>>>
> >>>>> wrote:
> >>>>>
> >>>>> Hi everyone,
> >>>>>
> >>>>> For the past couple days, I have been running the KVM managed-storage
> >>>>> regression-test suite against RC1.
> >>>>>
> >>>>> With the exception of one issue (more on this below), all of these
> tests have
> >>>>> passed.
> >>>>>
> >>>>> Tomorrow I plan to start in on the VMware-related managed-storage
> tests.
> >>>>>
> >>>>> Once I’ve completed running those, I expect to move on to the
> XenServer-related
> >>>>> managed-storage tests.
> >>>>>
> >>>>> I ran these XenServer and VMware tests just prior to RC1 being
> created, so I
> >>>>> suspect all of those tests will come back successful.
> >>>>>
> >>>>> Now, with regards to the one issue I found on KVM with managed
> storage:
> >>>>>
> >>>>> It relates to a new feature whereby you can online migrate the
> storage of a VM
> >>>>> from NFS or Ceph to managed storage.
> >>>>>
> >>>>> During the code-review process, I made a change per a suggestion and
> it
> >>>>> introduced an issue with this feature. The solution is just a couple
> lines of
> >>>>> code and only impacts this one use case. If you are testing this
> release
> >>>>> candidate and don’t really care about this particular feature, it
> should not at
> >>>>> all impact your ability to test RC1.
> >>>>>
> >>>>> Thanks!
> >>>>> Mike
> >>>>>
> >>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
> >>>>> <rohit@apache.org<mailto:rohit@apache.org<mailto:rohit@apache.org%
> 3cmailto:rohit@apache.org>>>
> >>>>> wrote:
> >>>>>
> >>>>> Hi All,
> >>>>>
> >>>>> I've created a 4.11.0.0 release, with the following artifacts up for
> >>>>> testing and a vote:
> >>>>>
> >>>>> Git Branch and Commit SH:
> >>>>>
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> >>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
> >>>>>
> >>>>> Source release (checksums and signatures are available at the same
> >>>>> location):
> >>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
> >>>>>
> >>>>> PGP release keys (signed using
> 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> >>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> >>>>>
> >>>>> The vote will be open for 72 hours.
> >>>>>
> >>>>> For sanity in tallying the vote, can PMC members please be sure to
> indicate
> >>>>> "(binding)" with their vote?
> >>>>>
> >>>>> [ ] +1 approve
> >>>>> [ ] +0 no opinion
> >>>>> [ ] -1 disapprove (and reason why)
> >>>>>
> >>>>> Additional information:
> >>>>>
> >>>>> For users' convenience, I've built packages from
> >>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1
> repository here:
> >>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
> >>>>>
> >>>>> The release notes are still work-in-progress, but the
> systemvmtemplate
> >>>>> upgrade section has been updated. You may refer the following for
> >>>>> systemvmtemplate upgrade testing:
> >>>>>
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
> >>>>>
> >>>>> 4.11 systemvmtemplates are available from here:
> >>>>> https://download.cloudstack.org/systemvm/4.11/
> >>>>>
> >>>>> Regards,
> > > >>> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Thanks all for your participation towards 4.11.0.0 RC1.
We've managed to discover and fix about 10 blocker fixes, I'll close RC1 voting now and cut RC2 shortly.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Frank Maximus <fr...@nuagenetworks.net>
Sent: Wednesday, January 24, 2018 2:08:40 PM
To: dev@cloudstack.apache.org
Cc: users
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I found and fixed an issue in cloudstack-agent logrotate.
https://issues.apache.org/jira/browse/CLOUDSTACK-10255
https://github.com/apache/cloudstack/pull/2429
IMHO it's feasible to include it in RC2.
As only the maven build is impacted by the change,
I see little risk.
Regards,
Frank
On Wed, Jan 24, 2018 at 1:31 PM Rohit Yadav <ro...@shapeblue.com>
wrote:
> All,
>
>
> We don't have any outstanding blocker PRs now.
>
>
> I could n't reproduce any regression wrt only VM-HA in RC1. By killing a
> HV host (and keep it that way, i.e. not rebooting it), HA enabled VMs did
> migrate to other hosts in a test I did.
>
>
> The only potential (blocker) issue seems to be a ldap related regression
> reported on users@ that Daan is looking into, which may or may not be a
> blocker but a configuration issue.
>
>
> Given, we're approaching the end of the week, it's likely we cut RC2 on
> Monday. Please continue testing RC1 in the meanwhile.
>
>
> Regards,
>
> Rohit Yadav
>
>
> ________________________________
> From: Nux! <nu...@li.nux.ro>
> Sent: Wednesday, January 24, 2018 9:29:21 AM
> To: users
> Cc: dev
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Paul,
>
> Ok, let me play some more with those tunings params, see if I can find a
> satisfactory combination and I'll withhold a -1 on this on the basis that
> I've just misunderstood the whole thing. :)
>
> Thanks
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
----- Original Message -----
> > From: "Paul Angus" <pa...@shapeblue.com>
> > To: "users" <us...@cloudstack.apache.org>
> > Cc: "dev" <de...@cloudstack.apache.org>
> > Sent: Tuesday, 23 January, 2018 19:55:01
> > Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> > Hey Nux,
> >
> > There is quite a bit of tuning you can do, to speed or slow CloudStack's
> > decision making, but we need to be sure that when we lose contact with a
> host
> > agent, that the VMs themselves really are dead. By default host-ha is
> set to
> > be super sure.
> >
> > There are various timeouts which can be configured to decide how long to
> wait
> > for a host to restart before deciding that it is not going to start as
> well as
> > how many times we should check for disk activity from the resident VMs
> of a
> > suspect host.
> >
> > The parameters are detailed here.
> > https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
> >
> > Honestly, the aim of Host HA was to fix the particular issue that you are
> > describing as we can't remember a time when it did work reliably.
> >
> >
> >
> > paul.angus@shapeblue.com
> > www.shapeblue.com<http://www.shapeblue.com>
> > 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> > @shapeblue
> >
> >
> >
> >
> > -----Original Message-----
> > From: Nux! [mailto:nux@li.nux.ro]
> > Sent: 23 January 2018 19:08
> > To: users <us...@cloudstack.apache.org>
> > Cc: dev <de...@cloudstack.apache.org>
> > Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >
> > Hi Paul,
> >
> > To be honest I do not remember when I last saw this, as I have not been
> testing
> > ACS in 2017.
> > You'd kill a HV, the VMs would pop up on another after a few minutes.
> >
> > Even with Host HA, the VMs remain down until the hypervisor is back up,
> > restarted by OOBM - however if that HV has suffered a HW fault and needs
> to be
> > removed, then those VM will be down for a long time ...
> >
> > Unless I got things quite wrong, (VM) HA - one of the big selling points
> of ACS
> > - is essentially broken?
> >
> > --
> > Sent from the Delta quadrant using Borg technology!
> >
> > Nux!
> > www.nux.ro
> >
> > ----- Original Message -----
> >> From: "Paul Angus" <pa...@shapeblue.com>
> >> To: "users" <us...@cloudstack.apache.org>, "dev"
> >> <de...@cloudstack.apache.org>
> >> Sent: Tuesday, 23 January, 2018 16:02:54
> >> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >
> >> Hi Nux,
> >>
> >> When have you seen the VMs on KVM behaving in the manner which you are
> >> expecting? I recall it didn’t work that way in the mid 4.5 versions
> >> (we found out the hard way in front of a customer) and it doesn't
> >> behave the way you are expecting 4.9 - I've just tested it.
> >>
> >> You need host-ha enabled to get reliable HA in the event of a host
> >> crash, that is why we developed the host ha feature.
> >>
> >> Kind regards,
> >>
> >> Paul Angus
> >>
> >> paul.angus@shapeblue.com
> >> www.shapeblue.com<http://www.shapeblue.com>
> >> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: Nux! [mailto:nux@li.nux.ro]
> >> Sent: 23 January 2018 15:06
> >> To: dev <de...@cloudstack.apache.org>
> >> Cc: users <us...@cloudstack.apache.org>
> >> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>
> >> Rohit,
> >>
> >> I'll also have to insist with the VM HA issue.
> >> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
> >>
> >> Lucian
> >>
> >> --
> >> Sent from the Delta quadrant using Borg technology!
> >>
> >> Nux!
> >> www.nux.ro
> >>
> >> ----- Original Message -----
> >>> From: "Rohit Yadav" <ro...@shapeblue.com>
> >>> To: "dev" <de...@cloudstack.apache.org>, "users"
> >>> <us...@cloudstack.apache.org>
> >>> Sent: Tuesday, 23 January, 2018 14:28:34
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>
> >>> All,
> >>>
> >>>
> >>> Given we've outstanding blockers and PRs in review/testing, I'll cut
> >>> RC2 only after we manage to get them reviewed, tested and merged.
> >>>
> >>>
> >>> The outstanding PRs considered for RC2 are:
> >>>
> >>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
> >>> for security groups)
> >>>
> >>> https://github.com/apache/cloudstack/pull/2419 (Password server
> >>> issue)
> >>>
> >>>
> >>> In addition we've following issues to receive fixes:
> >>>
> >>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
> >>>
> >>> - Dynamic roles upgrade fixes:
> >>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
> >>>
> >>>
> >>> Please share any other issues you've found, or I've missed. Thanks,
> >>> and continue testing RC1.
> >>>
> >>>
> >>> - Rohit
> >>>
> >>> <https://cloudstack.apache.org>
> >>>
> >>>
> >>>
> >>> ________________________________
> >>> From: Rohit Yadav <ro...@shapeblue.com>
> >>> Sent: Monday, January 22, 2018 11:18:27 AM
> >>> To: Paul Angus; users@cloudstack.apache.org;
> >>> dev@cloudstack.apache.org
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
> >>> had discussed this as a doc bug and so it must be documented part of
> >>> the 4.11 release notes as well.
> >>>
> >>>
> >>> There are two ways admin can migrate to dynamic roles post-upgrade:
> >>>
> >>>
> >>> 1. Enable dynamic.apichecker.enabled to true which will use the
> >>> default api mapping of rules from 4.8 commands.properties and
> >>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
> >>> Or,
> >>>
> >>> 2. The migration script is only useful where admins were not using
> >>> the default api rule mappings and they strictly want to
> >>> check/migrate each API. This approach requires admins to go through
> >>> new APIs and fix commands.properties before running the migration
> >>> scriopt (we've been sharing the new/change API list in release notes,
> for
> >>> example:
> >>>
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands
> ).
> >>> (for reference, doc:
> >>>
> >>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
> >>> e
> >>> n/latest/accounts.html#using-dynamic-roles)
> >>>
> >>>
> >>> Unlike the dynamic API checker, the static checker does not even
> >>> allow the root API to access all the APIs which is why post upgrade,
> >>> if the UI calls any API that is not allowed for the root admin (in
> >>> this case the quotaIsEnabled API) the UI will logout the user on API
> >>> unauthorized failure which is what happened.
> >>>
> >>>
> >>> So, we can discuss two fixes:
> >>>
> >>> - Like dynamic checker, let the static checker allow all APIs only to
> >>> the root admin (id=1) (I would not prefer to change the legacy
> >>> behaviour though)
> >>>
> >>> - During upgrade, if commands.properties is missing we set the global
> >>> setting to true, i.e. switch to dynamic roles (which would happen if
> >>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
> >>> they fail to copy the commands.properties file from /usr/share or /etc
> paths).
> >>>
> >>>
> >>> Thoughts?
> >>>
> >>>
> >>> - Rohit
> >>>
> >>> <https://cloudstack.apache.org>
> >>>
> >>>
> >>>
> >>> ________________________________
> >>>
> >>> rohit.yadav@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>>
> >>> rohit.yadav@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>> From: Paul Angus
> >>> Sent: Monday, January 22, 2018 9:24:25 AM
> >>> To: users@cloudstack.apache.org
> >>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
> >>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> If I've understood the issue correctly, "not being able to log in if
> upgrading
> >>> from 4.5" is a blocker in my book. I don't think that it should be
> the duty
> >>> of the Admin, to fix our oversights. Migration to the use of dynamic
> >>> roles is also broken as the command will be missing from
> >>> commands.properties in the first place, so the 'migrated' commands
> >>> will not be complete.
> >>>
> >>> As there will need to be an RC2, IMO this upgrade issue should be
> >>> fixed as part of it.
> >>>
> >>>
> >>>
> >>> Kind regards,
> >>>
> >>> Paul Angus
> >>>
> >>>
> >>> VP Technology
> >>> paul.angus@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>>
> >>>
> >>>
> >>>
> >>> -----Original Message-----
> >>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> >>> Sent: 22 January 2018 07:31
> >>> To: users@cloudstack.apache.org
> >>> Cc: Rohit Yadav <ro...@shapeblue.com>;
> >>> dev@cloudstack.apache.org; Daan Hoogland
> >>> <da...@shapeblue.com>
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> Hi Paul,
> >>> Migration script considers only what’s in the command.properties
> >>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
> >>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
> >>> take care of aligning this up. I’m also not big fan of having this
> >>> described in release notes, but would like to be included
> >>> automatically during upgrade. Main argument against it, its not a
> blocker.
> >>>
> >>> Bobby.
> >>>
> >>>
> >>> boris.stoyanov@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com>
> wrote:
> >>>>
> >>>> OK, just to confirm ‘we’ the community have basically deprecated the
> >>>> use of commands.properties?
> >>>>
> >>>> But for people upgrading from a version before dynamic roles, does
> >>>> the migration script take into account (or need to take into
> >>>> account) the ‘missing’
> >>>> quotaIsEnabled=15 parameter?
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> paul.angus@shapeblue.com
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>
> >>>>
> >>>>
> >>>> From: Rohit Yadav
> >>>> Sent: 19 January 2018 09:27
> >>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
> >>>> Paul Angus <pa...@shapeblue.com>
> >>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>
> >>>>
> >>>> Hi Bobby,
> >>>>
> >>>>
> >>>>
> >>>> Agree, it's not user-friendly which is why admins should migrate to
> >>>> the dynamic roles feature. But I'm not sure if this is a blocker and
> >>>> if an admin wants to stick to the old static (commands.properties)
> >>>> way, they need to manage changes themselves. We may add something to
> >>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
> >>>>
> >>>>
> >>>>
> >>>> - Rohit
> >>>>
> >>>>
> >>>>
> >>>> Software Architect
> >>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> ________________________________
> >>>> From: Boris Stoyanov
> >>>> <bo...@shapeblue.com>>
> >>>> Sent: Friday, January 19, 2018 2:51:32 PM
> >>>> To: users
> >>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>
> >>>> Hi Rohit,
> >>>>
> >>>> That doesn’t sound much user friendly what do you think? Can we look
> >>>> for a way to automate this dependency in the upgrade process?
> >>>>
> >>>> Bobby.
> >>>>
> >>>>
> >>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>
> >>>>
> >>>>
> >>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
> >>>>> <ro...@shapeblue.com>> wrote:
> >>>>>
> >>>>> Hi Bobby,
> >>>>>
> >>>>>
> >>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
> >>>>> how static checker with commands.properties work, admins will be
> >>>>> required to add/update new API/ACLs in the commands.properties file.
> >>>>>
> >>>>> Adding the following to commands.properties file and restarting
> >>>>> mgmt server fixes the issue:
> >>>>>
> >>>>> quotaIsEnabled=15
> >>>>>
> >>>>>
> >>>>> Please continue testing, thanks.
> >>>>>
> >>>>>
> >>>>> - Rohit
> >>>>>
> >>>>> <https://cloudstack.apache.org>
> >>>>>
> >>>>>
> >>>>>
> >>>>> ________________________________
> >>>>> From: Boris Stoyanov
> >>>>> <bo...@shapeblue.com>>
> >>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
> >>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>>
> >>>>> I think I’ve hit a blocker when upgrading to 4.11
> >>>>>
> >>>>> Here’s the jira id:
> >>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
> >>>>>
> >>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
> >>>>> got session expired immediately.
> >>>>>
> >>>>> Regards,
> >>>>> Boris Stoyanov
> >>>>>
> >>>>>
> >>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> >>>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> >>>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> >>>>> @shapeblue
> >>>>>
> >>>>>
> >>>>>
> >>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
> >>>>> <Mike.Tutkowski@netapp.com<mailto:Mike.Tutkowski@netapp.com<mailto:
> Mike.Tutkowski@netapp.com%3cmailto:Mike.Tutkowski@netapp.com>>>
> >>>>> wrote:
> >>>>>
> >>>>> Hi everyone,
> >>>>>
> >>>>> For the past couple days, I have been running the KVM managed-storage
> >>>>> regression-test suite against RC1.
> >>>>>
> >>>>> With the exception of one issue (more on this below), all of these
> tests have
> >>>>> passed.
> >>>>>
> >>>>> Tomorrow I plan to start in on the VMware-related managed-storage
> tests.
> >>>>>
> >>>>> Once I’ve completed running those, I expect to move on to the
> XenServer-related
> >>>>> managed-storage tests.
> >>>>>
> >>>>> I ran these XenServer and VMware tests just prior to RC1 being
> created, so I
> >>>>> suspect all of those tests will come back successful.
> >>>>>
> >>>>> Now, with regards to the one issue I found on KVM with managed
> storage:
> >>>>>
> >>>>> It relates to a new feature whereby you can online migrate the
> storage of a VM
> >>>>> from NFS or Ceph to managed storage.
> >>>>>
> >>>>> During the code-review process, I made a change per a suggestion and
> it
> >>>>> introduced an issue with this feature. The solution is just a couple
> lines of
> >>>>> code and only impacts this one use case. If you are testing this
> release
> >>>>> candidate and don’t really care about this particular feature, it
> should not at
> >>>>> all impact your ability to test RC1.
> >>>>>
> >>>>> Thanks!
> >>>>> Mike
> >>>>>
> >>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
> >>>>> <rohit@apache.org<mailto:rohit@apache.org<mailto:rohit@apache.org%
> 3cmailto:rohit@apache.org>>>
> >>>>> wrote:
> >>>>>
> >>>>> Hi All,
> >>>>>
> >>>>> I've created a 4.11.0.0 release, with the following artifacts up for
> >>>>> testing and a vote:
> >>>>>
> >>>>> Git Branch and Commit SH:
> >>>>>
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> >>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
> >>>>>
> >>>>> Source release (checksums and signatures are available at the same
> >>>>> location):
> >>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
> >>>>>
> >>>>> PGP release keys (signed using
> 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> >>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> >>>>>
> >>>>> The vote will be open for 72 hours.
> >>>>>
> >>>>> For sanity in tallying the vote, can PMC members please be sure to
> indicate
> >>>>> "(binding)" with their vote?
> >>>>>
> >>>>> [ ] +1 approve
> >>>>> [ ] +0 no opinion
> >>>>> [ ] -1 disapprove (and reason why)
> >>>>>
> >>>>> Additional information:
> >>>>>
> >>>>> For users' convenience, I've built packages from
> >>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1
> repository here:
> >>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
> >>>>>
> >>>>> The release notes are still work-in-progress, but the
> systemvmtemplate
> >>>>> upgrade section has been updated. You may refer the following for
> >>>>> systemvmtemplate upgrade testing:
> >>>>>
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
> >>>>>
> >>>>> 4.11 systemvmtemplates are available from here:
> >>>>> https://download.cloudstack.org/systemvm/4.11/
> >>>>>
> >>>>> Regards,
> > > >>> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Frank Maximus <fr...@nuagenetworks.net>.
I found and fixed an issue in cloudstack-agent logrotate.
https://issues.apache.org/jira/browse/CLOUDSTACK-10255
https://github.com/apache/cloudstack/pull/2429
IMHO it's feasible to include it in RC2.
As only the maven build is impacted by the change,
I see little risk.
Regards,
Frank
On Wed, Jan 24, 2018 at 1:31 PM Rohit Yadav <ro...@shapeblue.com>
wrote:
> All,
>
>
> We don't have any outstanding blocker PRs now.
>
>
> I could n't reproduce any regression wrt only VM-HA in RC1. By killing a
> HV host (and keep it that way, i.e. not rebooting it), HA enabled VMs did
> migrate to other hosts in a test I did.
>
>
> The only potential (blocker) issue seems to be a ldap related regression
> reported on users@ that Daan is looking into, which may or may not be a
> blocker but a configuration issue.
>
>
> Given, we're approaching the end of the week, it's likely we cut RC2 on
> Monday. Please continue testing RC1 in the meanwhile.
>
>
> Regards,
>
> Rohit Yadav
>
>
> ________________________________
> From: Nux! <nu...@li.nux.ro>
> Sent: Wednesday, January 24, 2018 9:29:21 AM
> To: users
> Cc: dev
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Paul,
>
> Ok, let me play some more with those tunings params, see if I can find a
> satisfactory combination and I'll withhold a -1 on this on the basis that
> I've just misunderstood the whole thing. :)
>
> Thanks
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> ----- Original Message -----
> > From: "Paul Angus" <pa...@shapeblue.com>
> > To: "users" <us...@cloudstack.apache.org>
> > Cc: "dev" <de...@cloudstack.apache.org>
> > Sent: Tuesday, 23 January, 2018 19:55:01
> > Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> > Hey Nux,
> >
> > There is quite a bit of tuning you can do, to speed or slow CloudStack's
> > decision making, but we need to be sure that when we lose contact with a
> host
> > agent, that the VMs themselves really are dead. By default host-ha is
> set to
> > be super sure.
> >
> > There are various timeouts which can be configured to decide how long to
> wait
> > for a host to restart before deciding that it is not going to start as
> well as
> > how many times we should check for disk activity from the resident VMs
> of a
> > suspect host.
> >
> > The parameters are detailed here.
> > https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
> >
> > Honestly, the aim of Host HA was to fix the particular issue that you are
> > describing as we can't remember a time when it did work reliably.
> >
> >
> >
> > paul.angus@shapeblue.com
> > www.shapeblue.com<http://www.shapeblue.com>
> > 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> > @shapeblue
> >
> >
> >
> >
> > -----Original Message-----
> > From: Nux! [mailto:nux@li.nux.ro]
> > Sent: 23 January 2018 19:08
> > To: users <us...@cloudstack.apache.org>
> > Cc: dev <de...@cloudstack.apache.org>
> > Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >
> > Hi Paul,
> >
> > To be honest I do not remember when I last saw this, as I have not been
> testing
> > ACS in 2017.
> > You'd kill a HV, the VMs would pop up on another after a few minutes.
> >
> > Even with Host HA, the VMs remain down until the hypervisor is back up,
> > restarted by OOBM - however if that HV has suffered a HW fault and needs
> to be
> > removed, then those VM will be down for a long time ...
> >
> > Unless I got things quite wrong, (VM) HA - one of the big selling points
> of ACS
> > - is essentially broken?
> >
> > --
> > Sent from the Delta quadrant using Borg technology!
> >
> > Nux!
> > www.nux.ro
> >
> > ----- Original Message -----
> >> From: "Paul Angus" <pa...@shapeblue.com>
> >> To: "users" <us...@cloudstack.apache.org>, "dev"
> >> <de...@cloudstack.apache.org>
> >> Sent: Tuesday, 23 January, 2018 16:02:54
> >> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >
> >> Hi Nux,
> >>
> >> When have you seen the VMs on KVM behaving in the manner which you are
> >> expecting? I recall it didn’t work that way in the mid 4.5 versions
> >> (we found out the hard way in front of a customer) and it doesn't
> >> behave the way you are expecting 4.9 - I've just tested it.
> >>
> >> You need host-ha enabled to get reliable HA in the event of a host
> >> crash, that is why we developed the host ha feature.
> >>
> >> Kind regards,
> >>
> >> Paul Angus
> >>
> >> paul.angus@shapeblue.com
> >> www.shapeblue.com<http://www.shapeblue.com>
> >> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: Nux! [mailto:nux@li.nux.ro]
> >> Sent: 23 January 2018 15:06
> >> To: dev <de...@cloudstack.apache.org>
> >> Cc: users <us...@cloudstack.apache.org>
> >> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>
> >> Rohit,
> >>
> >> I'll also have to insist with the VM HA issue.
> >> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
> >>
> >> Lucian
> >>
> >> --
> >> Sent from the Delta quadrant using Borg technology!
> >>
> >> Nux!
> >> www.nux.ro
> >>
> >> ----- Original Message -----
> >>> From: "Rohit Yadav" <ro...@shapeblue.com>
> >>> To: "dev" <de...@cloudstack.apache.org>, "users"
> >>> <us...@cloudstack.apache.org>
> >>> Sent: Tuesday, 23 January, 2018 14:28:34
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>
> >>> All,
> >>>
> >>>
> >>> Given we've outstanding blockers and PRs in review/testing, I'll cut
> >>> RC2 only after we manage to get them reviewed, tested and merged.
> >>>
> >>>
> >>> The outstanding PRs considered for RC2 are:
> >>>
> >>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
> >>> for security groups)
> >>>
> >>> https://github.com/apache/cloudstack/pull/2419 (Password server
> >>> issue)
> >>>
> >>>
> >>> In addition we've following issues to receive fixes:
> >>>
> >>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
> >>>
> >>> - Dynamic roles upgrade fixes:
> >>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
> >>>
> >>>
> >>> Please share any other issues you've found, or I've missed. Thanks,
> >>> and continue testing RC1.
> >>>
> >>>
> >>> - Rohit
> >>>
> >>> <https://cloudstack.apache.org>
> >>>
> >>>
> >>>
> >>> ________________________________
> >>> From: Rohit Yadav <ro...@shapeblue.com>
> >>> Sent: Monday, January 22, 2018 11:18:27 AM
> >>> To: Paul Angus; users@cloudstack.apache.org;
> >>> dev@cloudstack.apache.org
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
> >>> had discussed this as a doc bug and so it must be documented part of
> >>> the 4.11 release notes as well.
> >>>
> >>>
> >>> There are two ways admin can migrate to dynamic roles post-upgrade:
> >>>
> >>>
> >>> 1. Enable dynamic.apichecker.enabled to true which will use the
> >>> default api mapping of rules from 4.8 commands.properties and
> >>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
> >>> Or,
> >>>
> >>> 2. The migration script is only useful where admins were not using
> >>> the default api rule mappings and they strictly want to
> >>> check/migrate each API. This approach requires admins to go through
> >>> new APIs and fix commands.properties before running the migration
> >>> scriopt (we've been sharing the new/change API list in release notes,
> for
> >>> example:
> >>>
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands
> ).
> >>> (for reference, doc:
> >>>
> >>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
> >>> e
> >>> n/latest/accounts.html#using-dynamic-roles)
> >>>
> >>>
> >>> Unlike the dynamic API checker, the static checker does not even
> >>> allow the root API to access all the APIs which is why post upgrade,
> >>> if the UI calls any API that is not allowed for the root admin (in
> >>> this case the quotaIsEnabled API) the UI will logout the user on API
> >>> unauthorized failure which is what happened.
> >>>
> >>>
> >>> So, we can discuss two fixes:
> >>>
> >>> - Like dynamic checker, let the static checker allow all APIs only to
> >>> the root admin (id=1) (I would not prefer to change the legacy
> >>> behaviour though)
> >>>
> >>> - During upgrade, if commands.properties is missing we set the global
> >>> setting to true, i.e. switch to dynamic roles (which would happen if
> >>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
> >>> they fail to copy the commands.properties file from /usr/share or /etc
> paths).
> >>>
> >>>
> >>> Thoughts?
> >>>
> >>>
> >>> - Rohit
> >>>
> >>> <https://cloudstack.apache.org>
> >>>
> >>>
> >>>
> >>> ________________________________
> >>>
> >>> rohit.yadav@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>>
> >>> rohit.yadav@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>> From: Paul Angus
> >>> Sent: Monday, January 22, 2018 9:24:25 AM
> >>> To: users@cloudstack.apache.org
> >>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
> >>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> If I've understood the issue correctly, "not being able to log in if
> upgrading
> >>> from 4.5" is a blocker in my book. I don't think that it should be
> the duty
> >>> of the Admin, to fix our oversights. Migration to the use of dynamic
> >>> roles is also broken as the command will be missing from
> >>> commands.properties in the first place, so the 'migrated' commands
> >>> will not be complete.
> >>>
> >>> As there will need to be an RC2, IMO this upgrade issue should be
> >>> fixed as part of it.
> >>>
> >>>
> >>>
> >>> Kind regards,
> >>>
> >>> Paul Angus
> >>>
> >>>
> >>> VP Technology
> >>> paul.angus@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>>
> >>>
> >>>
> >>>
> >>> -----Original Message-----
> >>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> >>> Sent: 22 January 2018 07:31
> >>> To: users@cloudstack.apache.org
> >>> Cc: Rohit Yadav <ro...@shapeblue.com>;
> >>> dev@cloudstack.apache.org; Daan Hoogland
> >>> <da...@shapeblue.com>
> >>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>
> >>> Hi Paul,
> >>> Migration script considers only what’s in the command.properties
> >>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
> >>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
> >>> take care of aligning this up. I’m also not big fan of having this
> >>> described in release notes, but would like to be included
> >>> automatically during upgrade. Main argument against it, its not a
> blocker.
> >>>
> >>> Bobby.
> >>>
> >>>
> >>> boris.stoyanov@shapeblue.com
> >>> www.shapeblue.com<http://www.shapeblue.com>
> >>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>
> >>>
> >>>
> >>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com>
> wrote:
> >>>>
> >>>> OK, just to confirm ‘we’ the community have basically deprecated the
> >>>> use of commands.properties?
> >>>>
> >>>> But for people upgrading from a version before dynamic roles, does
> >>>> the migration script take into account (or need to take into
> >>>> account) the ‘missing’
> >>>> quotaIsEnabled=15 parameter?
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> paul.angus@shapeblue.com
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>
> >>>>
> >>>>
> >>>> From: Rohit Yadav
> >>>> Sent: 19 January 2018 09:27
> >>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
> >>>> Paul Angus <pa...@shapeblue.com>
> >>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>
> >>>>
> >>>> Hi Bobby,
> >>>>
> >>>>
> >>>>
> >>>> Agree, it's not user-friendly which is why admins should migrate to
> >>>> the dynamic roles feature. But I'm not sure if this is a blocker and
> >>>> if an admin wants to stick to the old static (commands.properties)
> >>>> way, they need to manage changes themselves. We may add something to
> >>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
> >>>>
> >>>>
> >>>>
> >>>> - Rohit
> >>>>
> >>>>
> >>>>
> >>>> Software Architect
> >>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> ________________________________
> >>>> From: Boris Stoyanov
> >>>> <bo...@shapeblue.com>>
> >>>> Sent: Friday, January 19, 2018 2:51:32 PM
> >>>> To: users
> >>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>
> >>>> Hi Rohit,
> >>>>
> >>>> That doesn’t sound much user friendly what do you think? Can we look
> >>>> for a way to automate this dependency in the upgrade process?
> >>>>
> >>>> Bobby.
> >>>>
> >>>>
> >>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> >>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>
> >>>>
> >>>>
> >>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
> >>>>> <ro...@shapeblue.com>> wrote:
> >>>>>
> >>>>> Hi Bobby,
> >>>>>
> >>>>>
> >>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
> >>>>> how static checker with commands.properties work, admins will be
> >>>>> required to add/update new API/ACLs in the commands.properties file.
> >>>>>
> >>>>> Adding the following to commands.properties file and restarting
> >>>>> mgmt server fixes the issue:
> >>>>>
> >>>>> quotaIsEnabled=15
> >>>>>
> >>>>>
> >>>>> Please continue testing, thanks.
> >>>>>
> >>>>>
> >>>>> - Rohit
> >>>>>
> >>>>> <https://cloudstack.apache.org>
> >>>>>
> >>>>>
> >>>>>
> >>>>> ________________________________
> >>>>> From: Boris Stoyanov
> >>>>> <bo...@shapeblue.com>>
> >>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
> >>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> >>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> >>>>>
> >>>>> I think I’ve hit a blocker when upgrading to 4.11
> >>>>>
> >>>>> Here’s the jira id:
> >>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
> >>>>>
> >>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
> >>>>> got session expired immediately.
> >>>>>
> >>>>> Regards,
> >>>>> Boris Stoyanov
> >>>>>
> >>>>>
> >>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> >>>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> >>>>> www.shapeblue.com<http://www.shapeblue.com>
> >>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> >>>>> @shapeblue
> >>>>>
> >>>>>
> >>>>>
> >>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
> >>>>> <Mike.Tutkowski@netapp.com<mailto:Mike.Tutkowski@netapp.com<mailto:
> Mike.Tutkowski@netapp.com%3cmailto:Mike.Tutkowski@netapp.com>>>
> >>>>> wrote:
> >>>>>
> >>>>> Hi everyone,
> >>>>>
> >>>>> For the past couple days, I have been running the KVM managed-storage
> >>>>> regression-test suite against RC1.
> >>>>>
> >>>>> With the exception of one issue (more on this below), all of these
> tests have
> >>>>> passed.
> >>>>>
> >>>>> Tomorrow I plan to start in on the VMware-related managed-storage
> tests.
> >>>>>
> >>>>> Once I’ve completed running those, I expect to move on to the
> XenServer-related
> >>>>> managed-storage tests.
> >>>>>
> >>>>> I ran these XenServer and VMware tests just prior to RC1 being
> created, so I
> >>>>> suspect all of those tests will come back successful.
> >>>>>
> >>>>> Now, with regards to the one issue I found on KVM with managed
> storage:
> >>>>>
> >>>>> It relates to a new feature whereby you can online migrate the
> storage of a VM
> >>>>> from NFS or Ceph to managed storage.
> >>>>>
> >>>>> During the code-review process, I made a change per a suggestion and
> it
> >>>>> introduced an issue with this feature. The solution is just a couple
> lines of
> >>>>> code and only impacts this one use case. If you are testing this
> release
> >>>>> candidate and don’t really care about this particular feature, it
> should not at
> >>>>> all impact your ability to test RC1.
> >>>>>
> >>>>> Thanks!
> >>>>> Mike
> >>>>>
> >>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
> >>>>> <rohit@apache.org<mailto:rohit@apache.org<mailto:rohit@apache.org%
> 3cmailto:rohit@apache.org>>>
> >>>>> wrote:
> >>>>>
> >>>>> Hi All,
> >>>>>
> >>>>> I've created a 4.11.0.0 release, with the following artifacts up for
> >>>>> testing and a vote:
> >>>>>
> >>>>> Git Branch and Commit SH:
> >>>>>
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> >>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
> >>>>>
> >>>>> Source release (checksums and signatures are available at the same
> >>>>> location):
> >>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
> >>>>>
> >>>>> PGP release keys (signed using
> 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> >>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> >>>>>
> >>>>> The vote will be open for 72 hours.
> >>>>>
> >>>>> For sanity in tallying the vote, can PMC members please be sure to
> indicate
> >>>>> "(binding)" with their vote?
> >>>>>
> >>>>> [ ] +1 approve
> >>>>> [ ] +0 no opinion
> >>>>> [ ] -1 disapprove (and reason why)
> >>>>>
> >>>>> Additional information:
> >>>>>
> >>>>> For users' convenience, I've built packages from
> >>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1
> repository here:
> >>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
> >>>>>
> >>>>> The release notes are still work-in-progress, but the
> systemvmtemplate
> >>>>> upgrade section has been updated. You may refer the following for
> >>>>> systemvmtemplate upgrade testing:
> >>>>>
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
> >>>>>
> >>>>> 4.11 systemvmtemplates are available from here:
> >>>>> https://download.cloudstack.org/systemvm/4.11/
> >>>>>
> >>>>> Regards,
> > > >>> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
All,
We don't have any outstanding blocker PRs now.
I could n't reproduce any regression wrt only VM-HA in RC1. By killing a HV host (and keep it that way, i.e. not rebooting it), HA enabled VMs did migrate to other hosts in a test I did.
The only potential (blocker) issue seems to be a ldap related regression reported on users@ that Daan is looking into, which may or may not be a blocker but a configuration issue.
Given, we're approaching the end of the week, it's likely we cut RC2 on Monday. Please continue testing RC1 in the meanwhile.
Regards,
Rohit Yadav
________________________________
From: Nux! <nu...@li.nux.ro>
Sent: Wednesday, January 24, 2018 9:29:21 AM
To: users
Cc: dev
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Paul,
Ok, let me play some more with those tunings params, see if I can find a satisfactory combination and I'll withhold a -1 on this on the basis that I've just misunderstood the whole thing. :)
Thanks
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>
> Cc: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 19:55:01
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hey Nux,
>
> There is quite a bit of tuning you can do, to speed or slow CloudStack's
> decision making, but we need to be sure that when we lose contact with a host
> agent, that the VMs themselves really are dead. By default host-ha is set to
> be super sure.
>
> There are various timeouts which can be configured to decide how long to wait
> for a host to restart before deciding that it is not going to start as well as
> how many times we should check for disk activity from the resident VMs of a
> suspect host.
>
> The parameters are detailed here.
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
>
> Honestly, the aim of Host HA was to fix the particular issue that you are
> describing as we can't remember a time when it did work reliably.
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 19:08
> To: users <us...@cloudstack.apache.org>
> Cc: dev <de...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
>
> To be honest I do not remember when I last saw this, as I have not been testing
> ACS in 2017.
> You'd kill a HV, the VMs would pop up on another after a few minutes.
>
> Even with Host HA, the VMs remain down until the hypervisor is back up,
> restarted by OOBM - however if that HV has suffered a HW fault and needs to be
> removed, then those VM will be down for a long time ...
>
> Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS
> - is essentially broken?
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Paul Angus" <pa...@shapeblue.com>
>> To: "users" <us...@cloudstack.apache.org>, "dev"
>> <de...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 16:02:54
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> Hi Nux,
>>
>> When have you seen the VMs on KVM behaving in the manner which you are
>> expecting? I recall it didn’t work that way in the mid 4.5 versions
>> (we found out the hard way in front of a customer) and it doesn't
>> behave the way you are expecting 4.9 - I've just tested it.
>>
>> You need host-ha enabled to get reliable HA in the event of a host
>> crash, that is why we developed the host ha feature.
>>
>> Kind regards,
>>
>> Paul Angus
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> -----Original Message-----
>> From: Nux! [mailto:nux@li.nux.ro]
>> Sent: 23 January 2018 15:06
>> To: dev <de...@cloudstack.apache.org>
>> Cc: users <us...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Rohit,
>>
>> I'll also have to insist with the VM HA issue.
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>>
>> Lucian
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>>
>> ----- Original Message -----
>>> From: "Rohit Yadav" <ro...@shapeblue.com>
>>> To: "dev" <de...@cloudstack.apache.org>, "users"
>>> <us...@cloudstack.apache.org>
>>> Sent: Tuesday, 23 January, 2018 14:28:34
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>> All,
>>>
>>>
>>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>>> RC2 only after we manage to get them reviewed, tested and merged.
>>>
>>>
>>> The outstanding PRs considered for RC2 are:
>>>
>>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>>> for security groups)
>>>
>>> https://github.com/apache/cloudstack/pull/2419 (Password server
>>> issue)
>>>
>>>
>>> In addition we've following issues to receive fixes:
>>>
>>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>>
>>> - Dynamic roles upgrade fixes:
>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>>
>>>
>>> Please share any other issues you've found, or I've missed. Thanks,
>>> and continue testing RC1.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Rohit Yadav <ro...@shapeblue.com>
>>> Sent: Monday, January 22, 2018 11:18:27 AM
>>> To: Paul Angus; users@cloudstack.apache.org;
>>> dev@cloudstack.apache.org
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>>> had discussed this as a doc bug and so it must be documented part of
>>> the 4.11 release notes as well.
>>>
>>>
>>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>>
>>>
>>> 1. Enable dynamic.apichecker.enabled to true which will use the
>>> default api mapping of rules from 4.8 commands.properties and
>>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>>> Or,
>>>
>>> 2. The migration script is only useful where admins were not using
>>> the default api rule mappings and they strictly want to
>>> check/migrate each API. This approach requires admins to go through
>>> new APIs and fix commands.properties before running the migration
>>> scriopt (we've been sharing the new/change API list in release notes, for
>>> example:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>>> (for reference, doc:
>>>
>>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
>>> e
>>> n/latest/accounts.html#using-dynamic-roles)
>>>
>>>
>>> Unlike the dynamic API checker, the static checker does not even
>>> allow the root API to access all the APIs which is why post upgrade,
>>> if the UI calls any API that is not allowed for the root admin (in
>>> this case the quotaIsEnabled API) the UI will logout the user on API
>>> unauthorized failure which is what happened.
>>>
>>>
>>> So, we can discuss two fixes:
>>>
>>> - Like dynamic checker, let the static checker allow all APIs only to
>>> the root admin (id=1) (I would not prefer to change the legacy
>>> behaviour though)
>>>
>>> - During upgrade, if commands.properties is missing we set the global
>>> setting to true, i.e. switch to dynamic roles (which would happen if
>>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>>
>>>
>>> Thoughts?
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Paul Angus
>>> Sent: Monday, January 22, 2018 9:24:25 AM
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> If I've understood the issue correctly, "not being able to log in if upgrading
>>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>>> of the Admin, to fix our oversights. Migration to the use of dynamic
>>> roles is also broken as the command will be missing from
>>> commands.properties in the first place, so the 'migrated' commands
>>> will not be complete.
>>>
>>> As there will need to be an RC2, IMO this upgrade issue should be
>>> fixed as part of it.
>>>
>>>
>>>
>>> Kind regards,
>>>
>>> Paul Angus
>>>
>>>
>>> VP Technology
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>>> Sent: 22 January 2018 07:31
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>>> dev@cloudstack.apache.org; Daan Hoogland
>>> <da...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Paul,
>>> Migration script considers only what’s in the command.properties
>>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
>>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
>>> take care of aligning this up. I’m also not big fan of having this
>>> described in release notes, but would like to be included
>>> automatically during upgrade. Main argument against it, its not a blocker.
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>>
>>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>>> use of commands.properties?
>>>>
>>>> But for people upgrading from a version before dynamic roles, does
>>>> the migration script take into account (or need to take into
>>>> account) the ‘missing’
>>>> quotaIsEnabled=15 parameter?
>>>>
>>>>
>>>>
>>>>
>>>> paul.angus@shapeblue.com
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>> From: Rohit Yadav
>>>> Sent: 19 January 2018 09:27
>>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>>> Paul Angus <pa...@shapeblue.com>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>>
>>>> Agree, it's not user-friendly which is why admins should migrate to
>>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>>> if an admin wants to stick to the old static (commands.properties)
>>>> way, they need to manage changes themselves. We may add something to
>>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>>
>>>>
>>>>
>>>> - Rohit
>>>>
>>>>
>>>>
>>>> Software Architect
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>>> To: users
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> Hi Rohit,
>>>>
>>>> That doesn’t sound much user friendly what do you think? Can we look
>>>> for a way to automate this dependency in the upgrade process?
>>>>
>>>> Bobby.
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>>> <ro...@shapeblue.com>> wrote:
>>>>>
>>>>> Hi Bobby,
>>>>>
>>>>>
>>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
>>>>> how static checker with commands.properties work, admins will be
>>>>> required to add/update new API/ACLs in the commands.properties file.
>>>>>
>>>>> Adding the following to commands.properties file and restarting
>>>>> mgmt server fixes the issue:
>>>>>
>>>>> quotaIsEnabled=15
>>>>>
>>>>>
>>>>> Please continue testing, thanks.
>>>>>
>>>>>
>>>>> - Rohit
>>>>>
>>>>> <https://cloudstack.apache.org>
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> From: Boris Stoyanov
>>>>> <bo...@shapeblue.com>>
>>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>>
>>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>>
>>>>> Here’s the jira id:
>>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>>
>>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
>>>>> got session expired immediately.
>>>>>
>>>>> Regards,
>>>>> Boris Stoyanov
>>>>>
>>>>>
>>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>>> @shapeblue
>>>>>
>>>>>
>>>>>
>>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>>> <Mi...@netapp.com>>>
>>>>> wrote:
>>>>>
>>>>> Hi everyone,
>>>>>
>>>>> For the past couple days, I have been running the KVM managed-storage
>>>>> regression-test suite against RC1.
>>>>>
>>>>> With the exception of one issue (more on this below), all of these tests have
>>>>> passed.
>>>>>
>>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>>
>>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>>> managed-storage tests.
>>>>>
>>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>>> suspect all of those tests will come back successful.
>>>>>
>>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>>
>>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>>> from NFS or Ceph to managed storage.
>>>>>
>>>>> During the code-review process, I made a change per a suggestion and it
>>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>>> code and only impacts this one use case. If you are testing this release
>>>>> candidate and don’t really care about this particular feature, it should not at
>>>>> all impact your ability to test RC1.
>>>>>
>>>>> Thanks!
>>>>> Mike
>>>>>
>>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>>> <ro...@apache.org>>>
>>>>> wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>>> testing and a vote:
>>>>>
>>>>> Git Branch and Commit SH:
>>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>>
>>>>> Source release (checksums and signatures are available at the same
>>>>> location):
>>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>>
>>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>>
>>>>> The vote will be open for 72 hours.
>>>>>
>>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>>> "(binding)" with their vote?
>>>>>
>>>>> [ ] +1 approve
>>>>> [ ] +0 no opinion
>>>>> [ ] -1 disapprove (and reason why)
>>>>>
>>>>> Additional information:
>>>>>
>>>>> For users' convenience, I've built packages from
>>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>>
>>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>>> upgrade section has been updated. You may refer the following for
>>>>> systemvmtemplate upgrade testing:
>>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>>
>>>>> 4.11 systemvmtemplates are available from here:
>>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>>
>>>>> Regards,
> > >>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
All,
We don't have any outstanding blocker PRs now.
I could n't reproduce any regression wrt only VM-HA in RC1. By killing a HV host (and keep it that way, i.e. not rebooting it), HA enabled VMs did migrate to other hosts in a test I did.
The only potential (blocker) issue seems to be a ldap related regression reported on users@ that Daan is looking into, which may or may not be a blocker but a configuration issue.
Given, we're approaching the end of the week, it's likely we cut RC2 on Monday. Please continue testing RC1 in the meanwhile.
Regards,
Rohit Yadav
________________________________
From: Nux! <nu...@li.nux.ro>
Sent: Wednesday, January 24, 2018 9:29:21 AM
To: users
Cc: dev
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Paul,
Ok, let me play some more with those tunings params, see if I can find a satisfactory combination and I'll withhold a -1 on this on the basis that I've just misunderstood the whole thing. :)
Thanks
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>
> Cc: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 19:55:01
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hey Nux,
>
> There is quite a bit of tuning you can do, to speed or slow CloudStack's
> decision making, but we need to be sure that when we lose contact with a host
> agent, that the VMs themselves really are dead. By default host-ha is set to
> be super sure.
>
> There are various timeouts which can be configured to decide how long to wait
> for a host to restart before deciding that it is not going to start as well as
> how many times we should check for disk activity from the resident VMs of a
> suspect host.
>
> The parameters are detailed here.
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
>
> Honestly, the aim of Host HA was to fix the particular issue that you are
> describing as we can't remember a time when it did work reliably.
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 19:08
> To: users <us...@cloudstack.apache.org>
> Cc: dev <de...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
>
> To be honest I do not remember when I last saw this, as I have not been testing
> ACS in 2017.
> You'd kill a HV, the VMs would pop up on another after a few minutes.
>
> Even with Host HA, the VMs remain down until the hypervisor is back up,
> restarted by OOBM - however if that HV has suffered a HW fault and needs to be
> removed, then those VM will be down for a long time ...
>
> Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS
> - is essentially broken?
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Paul Angus" <pa...@shapeblue.com>
>> To: "users" <us...@cloudstack.apache.org>, "dev"
>> <de...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 16:02:54
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> Hi Nux,
>>
>> When have you seen the VMs on KVM behaving in the manner which you are
>> expecting? I recall it didn’t work that way in the mid 4.5 versions
>> (we found out the hard way in front of a customer) and it doesn't
>> behave the way you are expecting 4.9 - I've just tested it.
>>
>> You need host-ha enabled to get reliable HA in the event of a host
>> crash, that is why we developed the host ha feature.
>>
>> Kind regards,
>>
>> Paul Angus
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> -----Original Message-----
>> From: Nux! [mailto:nux@li.nux.ro]
>> Sent: 23 January 2018 15:06
>> To: dev <de...@cloudstack.apache.org>
>> Cc: users <us...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Rohit,
>>
>> I'll also have to insist with the VM HA issue.
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>>
>> Lucian
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>>
>> ----- Original Message -----
>>> From: "Rohit Yadav" <ro...@shapeblue.com>
>>> To: "dev" <de...@cloudstack.apache.org>, "users"
>>> <us...@cloudstack.apache.org>
>>> Sent: Tuesday, 23 January, 2018 14:28:34
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>> All,
>>>
>>>
>>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>>> RC2 only after we manage to get them reviewed, tested and merged.
>>>
>>>
>>> The outstanding PRs considered for RC2 are:
>>>
>>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>>> for security groups)
>>>
>>> https://github.com/apache/cloudstack/pull/2419 (Password server
>>> issue)
>>>
>>>
>>> In addition we've following issues to receive fixes:
>>>
>>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>>
>>> - Dynamic roles upgrade fixes:
>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>>
>>>
>>> Please share any other issues you've found, or I've missed. Thanks,
>>> and continue testing RC1.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Rohit Yadav <ro...@shapeblue.com>
>>> Sent: Monday, January 22, 2018 11:18:27 AM
>>> To: Paul Angus; users@cloudstack.apache.org;
>>> dev@cloudstack.apache.org
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>>> had discussed this as a doc bug and so it must be documented part of
>>> the 4.11 release notes as well.
>>>
>>>
>>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>>
>>>
>>> 1. Enable dynamic.apichecker.enabled to true which will use the
>>> default api mapping of rules from 4.8 commands.properties and
>>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>>> Or,
>>>
>>> 2. The migration script is only useful where admins were not using
>>> the default api rule mappings and they strictly want to
>>> check/migrate each API. This approach requires admins to go through
>>> new APIs and fix commands.properties before running the migration
>>> scriopt (we've been sharing the new/change API list in release notes, for
>>> example:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>>> (for reference, doc:
>>>
>>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
>>> e
>>> n/latest/accounts.html#using-dynamic-roles)
>>>
>>>
>>> Unlike the dynamic API checker, the static checker does not even
>>> allow the root API to access all the APIs which is why post upgrade,
>>> if the UI calls any API that is not allowed for the root admin (in
>>> this case the quotaIsEnabled API) the UI will logout the user on API
>>> unauthorized failure which is what happened.
>>>
>>>
>>> So, we can discuss two fixes:
>>>
>>> - Like dynamic checker, let the static checker allow all APIs only to
>>> the root admin (id=1) (I would not prefer to change the legacy
>>> behaviour though)
>>>
>>> - During upgrade, if commands.properties is missing we set the global
>>> setting to true, i.e. switch to dynamic roles (which would happen if
>>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>>
>>>
>>> Thoughts?
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Paul Angus
>>> Sent: Monday, January 22, 2018 9:24:25 AM
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> If I've understood the issue correctly, "not being able to log in if upgrading
>>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>>> of the Admin, to fix our oversights. Migration to the use of dynamic
>>> roles is also broken as the command will be missing from
>>> commands.properties in the first place, so the 'migrated' commands
>>> will not be complete.
>>>
>>> As there will need to be an RC2, IMO this upgrade issue should be
>>> fixed as part of it.
>>>
>>>
>>>
>>> Kind regards,
>>>
>>> Paul Angus
>>>
>>>
>>> VP Technology
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>>> Sent: 22 January 2018 07:31
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>>> dev@cloudstack.apache.org; Daan Hoogland
>>> <da...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Paul,
>>> Migration script considers only what’s in the command.properties
>>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
>>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
>>> take care of aligning this up. I’m also not big fan of having this
>>> described in release notes, but would like to be included
>>> automatically during upgrade. Main argument against it, its not a blocker.
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>>
>>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>>> use of commands.properties?
>>>>
>>>> But for people upgrading from a version before dynamic roles, does
>>>> the migration script take into account (or need to take into
>>>> account) the ‘missing’
>>>> quotaIsEnabled=15 parameter?
>>>>
>>>>
>>>>
>>>>
>>>> paul.angus@shapeblue.com
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>> From: Rohit Yadav
>>>> Sent: 19 January 2018 09:27
>>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>>> Paul Angus <pa...@shapeblue.com>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>>
>>>> Agree, it's not user-friendly which is why admins should migrate to
>>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>>> if an admin wants to stick to the old static (commands.properties)
>>>> way, they need to manage changes themselves. We may add something to
>>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>>
>>>>
>>>>
>>>> - Rohit
>>>>
>>>>
>>>>
>>>> Software Architect
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>>> To: users
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> Hi Rohit,
>>>>
>>>> That doesn’t sound much user friendly what do you think? Can we look
>>>> for a way to automate this dependency in the upgrade process?
>>>>
>>>> Bobby.
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>>> <ro...@shapeblue.com>> wrote:
>>>>>
>>>>> Hi Bobby,
>>>>>
>>>>>
>>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
>>>>> how static checker with commands.properties work, admins will be
>>>>> required to add/update new API/ACLs in the commands.properties file.
>>>>>
>>>>> Adding the following to commands.properties file and restarting
>>>>> mgmt server fixes the issue:
>>>>>
>>>>> quotaIsEnabled=15
>>>>>
>>>>>
>>>>> Please continue testing, thanks.
>>>>>
>>>>>
>>>>> - Rohit
>>>>>
>>>>> <https://cloudstack.apache.org>
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> From: Boris Stoyanov
>>>>> <bo...@shapeblue.com>>
>>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>>
>>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>>
>>>>> Here’s the jira id:
>>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>>
>>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
>>>>> got session expired immediately.
>>>>>
>>>>> Regards,
>>>>> Boris Stoyanov
>>>>>
>>>>>
>>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>>> @shapeblue
>>>>>
>>>>>
>>>>>
>>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>>> <Mi...@netapp.com>>>
>>>>> wrote:
>>>>>
>>>>> Hi everyone,
>>>>>
>>>>> For the past couple days, I have been running the KVM managed-storage
>>>>> regression-test suite against RC1.
>>>>>
>>>>> With the exception of one issue (more on this below), all of these tests have
>>>>> passed.
>>>>>
>>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>>
>>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>>> managed-storage tests.
>>>>>
>>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>>> suspect all of those tests will come back successful.
>>>>>
>>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>>
>>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>>> from NFS or Ceph to managed storage.
>>>>>
>>>>> During the code-review process, I made a change per a suggestion and it
>>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>>> code and only impacts this one use case. If you are testing this release
>>>>> candidate and don’t really care about this particular feature, it should not at
>>>>> all impact your ability to test RC1.
>>>>>
>>>>> Thanks!
>>>>> Mike
>>>>>
>>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>>> <ro...@apache.org>>>
>>>>> wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>>> testing and a vote:
>>>>>
>>>>> Git Branch and Commit SH:
>>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>>
>>>>> Source release (checksums and signatures are available at the same
>>>>> location):
>>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>>
>>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>>
>>>>> The vote will be open for 72 hours.
>>>>>
>>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>>> "(binding)" with their vote?
>>>>>
>>>>> [ ] +1 approve
>>>>> [ ] +0 no opinion
>>>>> [ ] -1 disapprove (and reason why)
>>>>>
>>>>> Additional information:
>>>>>
>>>>> For users' convenience, I've built packages from
>>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>>
>>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>>> upgrade section has been updated. You may refer the following for
>>>>> systemvmtemplate upgrade testing:
>>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>>
>>>>> 4.11 systemvmtemplates are available from here:
>>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>>
>>>>> Regards,
> > >>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Nux! <nu...@li.nux.ro>.
Paul,
Ok, let me play some more with those tunings params, see if I can find a satisfactory combination and I'll withhold a -1 on this on the basis that I've just misunderstood the whole thing. :)
Thanks
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>
> Cc: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 19:55:01
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hey Nux,
>
> There is quite a bit of tuning you can do, to speed or slow CloudStack's
> decision making, but we need to be sure that when we lose contact with a host
> agent, that the VMs themselves really are dead. By default host-ha is set to
> be super sure.
>
> There are various timeouts which can be configured to decide how long to wait
> for a host to restart before deciding that it is not going to start as well as
> how many times we should check for disk activity from the resident VMs of a
> suspect host.
>
> The parameters are detailed here.
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
>
> Honestly, the aim of Host HA was to fix the particular issue that you are
> describing as we can't remember a time when it did work reliably.
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 19:08
> To: users <us...@cloudstack.apache.org>
> Cc: dev <de...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
>
> To be honest I do not remember when I last saw this, as I have not been testing
> ACS in 2017.
> You'd kill a HV, the VMs would pop up on another after a few minutes.
>
> Even with Host HA, the VMs remain down until the hypervisor is back up,
> restarted by OOBM - however if that HV has suffered a HW fault and needs to be
> removed, then those VM will be down for a long time ...
>
> Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS
> - is essentially broken?
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Paul Angus" <pa...@shapeblue.com>
>> To: "users" <us...@cloudstack.apache.org>, "dev"
>> <de...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 16:02:54
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> Hi Nux,
>>
>> When have you seen the VMs on KVM behaving in the manner which you are
>> expecting? I recall it didn’t work that way in the mid 4.5 versions
>> (we found out the hard way in front of a customer) and it doesn't
>> behave the way you are expecting 4.9 - I've just tested it.
>>
>> You need host-ha enabled to get reliable HA in the event of a host
>> crash, that is why we developed the host ha feature.
>>
>> Kind regards,
>>
>> Paul Angus
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> -----Original Message-----
>> From: Nux! [mailto:nux@li.nux.ro]
>> Sent: 23 January 2018 15:06
>> To: dev <de...@cloudstack.apache.org>
>> Cc: users <us...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Rohit,
>>
>> I'll also have to insist with the VM HA issue.
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>>
>> Lucian
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>>
>> ----- Original Message -----
>>> From: "Rohit Yadav" <ro...@shapeblue.com>
>>> To: "dev" <de...@cloudstack.apache.org>, "users"
>>> <us...@cloudstack.apache.org>
>>> Sent: Tuesday, 23 January, 2018 14:28:34
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>> All,
>>>
>>>
>>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>>> RC2 only after we manage to get them reviewed, tested and merged.
>>>
>>>
>>> The outstanding PRs considered for RC2 are:
>>>
>>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>>> for security groups)
>>>
>>> https://github.com/apache/cloudstack/pull/2419 (Password server
>>> issue)
>>>
>>>
>>> In addition we've following issues to receive fixes:
>>>
>>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>>
>>> - Dynamic roles upgrade fixes:
>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>>
>>>
>>> Please share any other issues you've found, or I've missed. Thanks,
>>> and continue testing RC1.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Rohit Yadav <ro...@shapeblue.com>
>>> Sent: Monday, January 22, 2018 11:18:27 AM
>>> To: Paul Angus; users@cloudstack.apache.org;
>>> dev@cloudstack.apache.org
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>>> had discussed this as a doc bug and so it must be documented part of
>>> the 4.11 release notes as well.
>>>
>>>
>>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>>
>>>
>>> 1. Enable dynamic.apichecker.enabled to true which will use the
>>> default api mapping of rules from 4.8 commands.properties and
>>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>>> Or,
>>>
>>> 2. The migration script is only useful where admins were not using
>>> the default api rule mappings and they strictly want to
>>> check/migrate each API. This approach requires admins to go through
>>> new APIs and fix commands.properties before running the migration
>>> scriopt (we've been sharing the new/change API list in release notes, for
>>> example:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>>> (for reference, doc:
>>>
>>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
>>> e
>>> n/latest/accounts.html#using-dynamic-roles)
>>>
>>>
>>> Unlike the dynamic API checker, the static checker does not even
>>> allow the root API to access all the APIs which is why post upgrade,
>>> if the UI calls any API that is not allowed for the root admin (in
>>> this case the quotaIsEnabled API) the UI will logout the user on API
>>> unauthorized failure which is what happened.
>>>
>>>
>>> So, we can discuss two fixes:
>>>
>>> - Like dynamic checker, let the static checker allow all APIs only to
>>> the root admin (id=1) (I would not prefer to change the legacy
>>> behaviour though)
>>>
>>> - During upgrade, if commands.properties is missing we set the global
>>> setting to true, i.e. switch to dynamic roles (which would happen if
>>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>>
>>>
>>> Thoughts?
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Paul Angus
>>> Sent: Monday, January 22, 2018 9:24:25 AM
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> If I've understood the issue correctly, "not being able to log in if upgrading
>>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>>> of the Admin, to fix our oversights. Migration to the use of dynamic
>>> roles is also broken as the command will be missing from
>>> commands.properties in the first place, so the 'migrated' commands
>>> will not be complete.
>>>
>>> As there will need to be an RC2, IMO this upgrade issue should be
>>> fixed as part of it.
>>>
>>>
>>>
>>> Kind regards,
>>>
>>> Paul Angus
>>>
>>>
>>> VP Technology
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>>> Sent: 22 January 2018 07:31
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>>> dev@cloudstack.apache.org; Daan Hoogland
>>> <da...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Paul,
>>> Migration script considers only what’s in the command.properties
>>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
>>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
>>> take care of aligning this up. I’m also not big fan of having this
>>> described in release notes, but would like to be included
>>> automatically during upgrade. Main argument against it, its not a blocker.
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>>
>>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>>> use of commands.properties?
>>>>
>>>> But for people upgrading from a version before dynamic roles, does
>>>> the migration script take into account (or need to take into
>>>> account) the ‘missing’
>>>> quotaIsEnabled=15 parameter?
>>>>
>>>>
>>>>
>>>>
>>>> paul.angus@shapeblue.com
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>> From: Rohit Yadav
>>>> Sent: 19 January 2018 09:27
>>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>>> Paul Angus <pa...@shapeblue.com>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>>
>>>> Agree, it's not user-friendly which is why admins should migrate to
>>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>>> if an admin wants to stick to the old static (commands.properties)
>>>> way, they need to manage changes themselves. We may add something to
>>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>>
>>>>
>>>>
>>>> - Rohit
>>>>
>>>>
>>>>
>>>> Software Architect
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>>> To: users
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> Hi Rohit,
>>>>
>>>> That doesn’t sound much user friendly what do you think? Can we look
>>>> for a way to automate this dependency in the upgrade process?
>>>>
>>>> Bobby.
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>>> <ro...@shapeblue.com>> wrote:
>>>>>
>>>>> Hi Bobby,
>>>>>
>>>>>
>>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
>>>>> how static checker with commands.properties work, admins will be
>>>>> required to add/update new API/ACLs in the commands.properties file.
>>>>>
>>>>> Adding the following to commands.properties file and restarting
>>>>> mgmt server fixes the issue:
>>>>>
>>>>> quotaIsEnabled=15
>>>>>
>>>>>
>>>>> Please continue testing, thanks.
>>>>>
>>>>>
>>>>> - Rohit
>>>>>
>>>>> <https://cloudstack.apache.org>
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> From: Boris Stoyanov
>>>>> <bo...@shapeblue.com>>
>>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>>
>>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>>
>>>>> Here’s the jira id:
>>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>>
>>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
>>>>> got session expired immediately.
>>>>>
>>>>> Regards,
>>>>> Boris Stoyanov
>>>>>
>>>>>
>>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>>> @shapeblue
>>>>>
>>>>>
>>>>>
>>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>>> <Mi...@netapp.com>>>
>>>>> wrote:
>>>>>
>>>>> Hi everyone,
>>>>>
>>>>> For the past couple days, I have been running the KVM managed-storage
>>>>> regression-test suite against RC1.
>>>>>
>>>>> With the exception of one issue (more on this below), all of these tests have
>>>>> passed.
>>>>>
>>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>>
>>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>>> managed-storage tests.
>>>>>
>>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>>> suspect all of those tests will come back successful.
>>>>>
>>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>>
>>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>>> from NFS or Ceph to managed storage.
>>>>>
>>>>> During the code-review process, I made a change per a suggestion and it
>>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>>> code and only impacts this one use case. If you are testing this release
>>>>> candidate and don’t really care about this particular feature, it should not at
>>>>> all impact your ability to test RC1.
>>>>>
>>>>> Thanks!
>>>>> Mike
>>>>>
>>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>>> <ro...@apache.org>>>
>>>>> wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>>> testing and a vote:
>>>>>
>>>>> Git Branch and Commit SH:
>>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>>
>>>>> Source release (checksums and signatures are available at the same
>>>>> location):
>>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>>
>>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>>
>>>>> The vote will be open for 72 hours.
>>>>>
>>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>>> "(binding)" with their vote?
>>>>>
>>>>> [ ] +1 approve
>>>>> [ ] +0 no opinion
>>>>> [ ] -1 disapprove (and reason why)
>>>>>
>>>>> Additional information:
>>>>>
>>>>> For users' convenience, I've built packages from
>>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>>
>>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>>> upgrade section has been updated. You may refer the following for
>>>>> systemvmtemplate upgrade testing:
>>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>>
>>>>> 4.11 systemvmtemplates are available from here:
>>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>>
>>>>> Regards,
> > >>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Nux! <nu...@li.nux.ro>.
Paul,
Ok, let me play some more with those tunings params, see if I can find a satisfactory combination and I'll withhold a -1 on this on the basis that I've just misunderstood the whole thing. :)
Thanks
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>
> Cc: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 19:55:01
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hey Nux,
>
> There is quite a bit of tuning you can do, to speed or slow CloudStack's
> decision making, but we need to be sure that when we lose contact with a host
> agent, that the VMs themselves really are dead. By default host-ha is set to
> be super sure.
>
> There are various timeouts which can be configured to decide how long to wait
> for a host to restart before deciding that it is not going to start as well as
> how many times we should check for disk activity from the resident VMs of a
> suspect host.
>
> The parameters are detailed here.
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
>
> Honestly, the aim of Host HA was to fix the particular issue that you are
> describing as we can't remember a time when it did work reliably.
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 19:08
> To: users <us...@cloudstack.apache.org>
> Cc: dev <de...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
>
> To be honest I do not remember when I last saw this, as I have not been testing
> ACS in 2017.
> You'd kill a HV, the VMs would pop up on another after a few minutes.
>
> Even with Host HA, the VMs remain down until the hypervisor is back up,
> restarted by OOBM - however if that HV has suffered a HW fault and needs to be
> removed, then those VM will be down for a long time ...
>
> Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS
> - is essentially broken?
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Paul Angus" <pa...@shapeblue.com>
>> To: "users" <us...@cloudstack.apache.org>, "dev"
>> <de...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 16:02:54
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> Hi Nux,
>>
>> When have you seen the VMs on KVM behaving in the manner which you are
>> expecting? I recall it didn’t work that way in the mid 4.5 versions
>> (we found out the hard way in front of a customer) and it doesn't
>> behave the way you are expecting 4.9 - I've just tested it.
>>
>> You need host-ha enabled to get reliable HA in the event of a host
>> crash, that is why we developed the host ha feature.
>>
>> Kind regards,
>>
>> Paul Angus
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> -----Original Message-----
>> From: Nux! [mailto:nux@li.nux.ro]
>> Sent: 23 January 2018 15:06
>> To: dev <de...@cloudstack.apache.org>
>> Cc: users <us...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Rohit,
>>
>> I'll also have to insist with the VM HA issue.
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>>
>> Lucian
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>>
>> ----- Original Message -----
>>> From: "Rohit Yadav" <ro...@shapeblue.com>
>>> To: "dev" <de...@cloudstack.apache.org>, "users"
>>> <us...@cloudstack.apache.org>
>>> Sent: Tuesday, 23 January, 2018 14:28:34
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>> All,
>>>
>>>
>>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>>> RC2 only after we manage to get them reviewed, tested and merged.
>>>
>>>
>>> The outstanding PRs considered for RC2 are:
>>>
>>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>>> for security groups)
>>>
>>> https://github.com/apache/cloudstack/pull/2419 (Password server
>>> issue)
>>>
>>>
>>> In addition we've following issues to receive fixes:
>>>
>>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>>
>>> - Dynamic roles upgrade fixes:
>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>>
>>>
>>> Please share any other issues you've found, or I've missed. Thanks,
>>> and continue testing RC1.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Rohit Yadav <ro...@shapeblue.com>
>>> Sent: Monday, January 22, 2018 11:18:27 AM
>>> To: Paul Angus; users@cloudstack.apache.org;
>>> dev@cloudstack.apache.org
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>>> had discussed this as a doc bug and so it must be documented part of
>>> the 4.11 release notes as well.
>>>
>>>
>>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>>
>>>
>>> 1. Enable dynamic.apichecker.enabled to true which will use the
>>> default api mapping of rules from 4.8 commands.properties and
>>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>>> Or,
>>>
>>> 2. The migration script is only useful where admins were not using
>>> the default api rule mappings and they strictly want to
>>> check/migrate each API. This approach requires admins to go through
>>> new APIs and fix commands.properties before running the migration
>>> scriopt (we've been sharing the new/change API list in release notes, for
>>> example:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>>> (for reference, doc:
>>>
>>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
>>> e
>>> n/latest/accounts.html#using-dynamic-roles)
>>>
>>>
>>> Unlike the dynamic API checker, the static checker does not even
>>> allow the root API to access all the APIs which is why post upgrade,
>>> if the UI calls any API that is not allowed for the root admin (in
>>> this case the quotaIsEnabled API) the UI will logout the user on API
>>> unauthorized failure which is what happened.
>>>
>>>
>>> So, we can discuss two fixes:
>>>
>>> - Like dynamic checker, let the static checker allow all APIs only to
>>> the root admin (id=1) (I would not prefer to change the legacy
>>> behaviour though)
>>>
>>> - During upgrade, if commands.properties is missing we set the global
>>> setting to true, i.e. switch to dynamic roles (which would happen if
>>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>>
>>>
>>> Thoughts?
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com
>>> www.shapeblue.com
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Paul Angus
>>> Sent: Monday, January 22, 2018 9:24:25 AM
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> If I've understood the issue correctly, "not being able to log in if upgrading
>>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>>> of the Admin, to fix our oversights. Migration to the use of dynamic
>>> roles is also broken as the command will be missing from
>>> commands.properties in the first place, so the 'migrated' commands
>>> will not be complete.
>>>
>>> As there will need to be an RC2, IMO this upgrade issue should be
>>> fixed as part of it.
>>>
>>>
>>>
>>> Kind regards,
>>>
>>> Paul Angus
>>>
>>>
>>> VP Technology
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>>> Sent: 22 January 2018 07:31
>>> To: users@cloudstack.apache.org
>>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>>> dev@cloudstack.apache.org; Daan Hoogland
>>> <da...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Paul,
>>> Migration script considers only what’s in the command.properties
>>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
>>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
>>> take care of aligning this up. I’m also not big fan of having this
>>> described in release notes, but would like to be included
>>> automatically during upgrade. Main argument against it, its not a blocker.
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>>
>>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>>> use of commands.properties?
>>>>
>>>> But for people upgrading from a version before dynamic roles, does
>>>> the migration script take into account (or need to take into
>>>> account) the ‘missing’
>>>> quotaIsEnabled=15 parameter?
>>>>
>>>>
>>>>
>>>>
>>>> paul.angus@shapeblue.com
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>> From: Rohit Yadav
>>>> Sent: 19 January 2018 09:27
>>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>>> Paul Angus <pa...@shapeblue.com>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>>
>>>> Agree, it's not user-friendly which is why admins should migrate to
>>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>>> if an admin wants to stick to the old static (commands.properties)
>>>> way, they need to manage changes themselves. We may add something to
>>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>>
>>>>
>>>>
>>>> - Rohit
>>>>
>>>>
>>>>
>>>> Software Architect
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>>> To: users
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> Hi Rohit,
>>>>
>>>> That doesn’t sound much user friendly what do you think? Can we look
>>>> for a way to automate this dependency in the upgrade process?
>>>>
>>>> Bobby.
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>>> <ro...@shapeblue.com>> wrote:
>>>>>
>>>>> Hi Bobby,
>>>>>
>>>>>
>>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
>>>>> how static checker with commands.properties work, admins will be
>>>>> required to add/update new API/ACLs in the commands.properties file.
>>>>>
>>>>> Adding the following to commands.properties file and restarting
>>>>> mgmt server fixes the issue:
>>>>>
>>>>> quotaIsEnabled=15
>>>>>
>>>>>
>>>>> Please continue testing, thanks.
>>>>>
>>>>>
>>>>> - Rohit
>>>>>
>>>>> <https://cloudstack.apache.org>
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> From: Boris Stoyanov
>>>>> <bo...@shapeblue.com>>
>>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>>
>>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>>
>>>>> Here’s the jira id:
>>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>>
>>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
>>>>> got session expired immediately.
>>>>>
>>>>> Regards,
>>>>> Boris Stoyanov
>>>>>
>>>>>
>>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>>> @shapeblue
>>>>>
>>>>>
>>>>>
>>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>>> <Mi...@netapp.com>>>
>>>>> wrote:
>>>>>
>>>>> Hi everyone,
>>>>>
>>>>> For the past couple days, I have been running the KVM managed-storage
>>>>> regression-test suite against RC1.
>>>>>
>>>>> With the exception of one issue (more on this below), all of these tests have
>>>>> passed.
>>>>>
>>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>>
>>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>>> managed-storage tests.
>>>>>
>>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>>> suspect all of those tests will come back successful.
>>>>>
>>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>>
>>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>>> from NFS or Ceph to managed storage.
>>>>>
>>>>> During the code-review process, I made a change per a suggestion and it
>>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>>> code and only impacts this one use case. If you are testing this release
>>>>> candidate and don’t really care about this particular feature, it should not at
>>>>> all impact your ability to test RC1.
>>>>>
>>>>> Thanks!
>>>>> Mike
>>>>>
>>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>>> <ro...@apache.org>>>
>>>>> wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>>> testing and a vote:
>>>>>
>>>>> Git Branch and Commit SH:
>>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>>
>>>>> Source release (checksums and signatures are available at the same
>>>>> location):
>>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>>
>>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>>
>>>>> The vote will be open for 72 hours.
>>>>>
>>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>>> "(binding)" with their vote?
>>>>>
>>>>> [ ] +1 approve
>>>>> [ ] +0 no opinion
>>>>> [ ] -1 disapprove (and reason why)
>>>>>
>>>>> Additional information:
>>>>>
>>>>> For users' convenience, I've built packages from
>>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>>
>>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>>> upgrade section has been updated. You may refer the following for
>>>>> systemvmtemplate upgrade testing:
>>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>>
>>>>> 4.11 systemvmtemplates are available from here:
>>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>>
>>>>> Regards,
> > >>> Rohit Yadav
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
Hey Nux,
There is quite a bit of tuning you can do, to speed or slow CloudStack's decision making, but we need to be sure that when we lose contact with a host agent, that the VMs themselves really are dead. By default host-ha is set to be super sure.
There are various timeouts which can be configured to decide how long to wait for a host to restart before deciding that it is not going to start as well as how many times we should check for disk activity from the resident VMs of a suspect host.
The parameters are detailed here.
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
Honestly, the aim of Host HA was to fix the particular issue that you are describing as we can't remember a time when it did work reliably.
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-----Original Message-----
From: Nux! [mailto:nux@li.nux.ro]
Sent: 23 January 2018 19:08
To: users <us...@cloudstack.apache.org>
Cc: dev <de...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
To be honest I do not remember when I last saw this, as I have not been testing ACS in 2017.
You'd kill a HV, the VMs would pop up on another after a few minutes.
Even with Host HA, the VMs remain down until the hypervisor is back up, restarted by OOBM - however if that HV has suffered a HW fault and needs to be removed, then those VM will be down for a long time ...
Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS - is essentially broken?
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>, "dev"
> <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 16:02:54
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hi Nux,
>
> When have you seen the VMs on KVM behaving in the manner which you are
> expecting? I recall it didn’t work that way in the mid 4.5 versions
> (we found out the hard way in front of a customer) and it doesn't
> behave the way you are expecting 4.9 - I've just tested it.
>
> You need host-ha enabled to get reliable HA in the event of a host
> crash, that is why we developed the host ha feature.
>
> Kind regards,
>
> Paul Angus
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 15:06
> To: dev <de...@cloudstack.apache.org>
> Cc: users <us...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Rohit,
>
> I'll also have to insist with the VM HA issue.
> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Rohit Yadav" <ro...@shapeblue.com>
>> To: "dev" <de...@cloudstack.apache.org>, "users"
>> <us...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 14:28:34
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> All,
>>
>>
>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>> RC2 only after we manage to get them reviewed, tested and merged.
>>
>>
>> The outstanding PRs considered for RC2 are:
>>
>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>> for security groups)
>>
>> https://github.com/apache/cloudstack/pull/2419 (Password server
>> issue)
>>
>>
>> In addition we've following issues to receive fixes:
>>
>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>
>> - Dynamic roles upgrade fixes:
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>
>>
>> Please share any other issues you've found, or I've missed. Thanks,
>> and continue testing RC1.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Rohit Yadav <ro...@shapeblue.com>
>> Sent: Monday, January 22, 2018 11:18:27 AM
>> To: Paul Angus; users@cloudstack.apache.org;
>> dev@cloudstack.apache.org
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>> had discussed this as a doc bug and so it must be documented part of
>> the 4.11 release notes as well.
>>
>>
>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>
>>
>> 1. Enable dynamic.apichecker.enabled to true which will use the
>> default api mapping of rules from 4.8 commands.properties and
>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>> Or,
>>
>> 2. The migration script is only useful where admins were not using
>> the default api rule mappings and they strictly want to
>> check/migrate each API. This approach requires admins to go through
>> new APIs and fix commands.properties before running the migration
>> scriopt (we've been sharing the new/change API list in release notes, for example:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>> (for reference, doc:
>>
>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
>> e
>> n/latest/accounts.html#using-dynamic-roles)
>>
>>
>> Unlike the dynamic API checker, the static checker does not even
>> allow the root API to access all the APIs which is why post upgrade,
>> if the UI calls any API that is not allowed for the root admin (in
>> this case the quotaIsEnabled API) the UI will logout the user on API
>> unauthorized failure which is what happened.
>>
>>
>> So, we can discuss two fixes:
>>
>> - Like dynamic checker, let the static checker allow all APIs only to
>> the root admin (id=1) (I would not prefer to change the legacy
>> behaviour though)
>>
>> - During upgrade, if commands.properties is missing we set the global
>> setting to true, i.e. switch to dynamic roles (which would happen if
>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>
>>
>> Thoughts?
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Paul Angus
>> Sent: Monday, January 22, 2018 9:24:25 AM
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> If I've understood the issue correctly, "not being able to log in if upgrading
>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>> of the Admin, to fix our oversights. Migration to the use of dynamic
>> roles is also broken as the command will be missing from
>> commands.properties in the first place, so the 'migrated' commands
>> will not be complete.
>>
>> As there will need to be an RC2, IMO this upgrade issue should be
>> fixed as part of it.
>>
>>
>>
>> Kind regards,
>>
>> Paul Angus
>>
>>
>> VP Technology
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>> Sent: 22 January 2018 07:31
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>> dev@cloudstack.apache.org; Daan Hoogland
>> <da...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Paul,
>> Migration script considers only what’s in the command.properties
>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
>> take care of aligning this up. I’m also not big fan of having this
>> described in release notes, but would like to be included
>> automatically during upgrade. Main argument against it, its not a blocker.
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>
>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>> use of commands.properties?
>>>
>>> But for people upgrading from a version before dynamic roles, does
>>> the migration script take into account (or need to take into
>>> account) the ‘missing’
>>> quotaIsEnabled=15 parameter?
>>>
>>>
>>>
>>>
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Rohit Yadav
>>> Sent: 19 January 2018 09:27
>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>> Paul Angus <pa...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>>
>>> Hi Bobby,
>>>
>>>
>>>
>>> Agree, it's not user-friendly which is why admins should migrate to
>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>> if an admin wants to stick to the old static (commands.properties)
>>> way, they need to manage changes themselves. We may add something to
>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>
>>>
>>>
>>> - Rohit
>>>
>>>
>>>
>>> Software Architect
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>> To: users
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Rohit,
>>>
>>> That doesn’t sound much user friendly what do you think? Can we look
>>> for a way to automate this dependency in the upgrade process?
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>> <ro...@shapeblue.com>> wrote:
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
>>>> how static checker with commands.properties work, admins will be
>>>> required to add/update new API/ACLs in the commands.properties file.
>>>>
>>>> Adding the following to commands.properties file and restarting
>>>> mgmt server fixes the issue:
>>>>
>>>> quotaIsEnabled=15
>>>>
>>>>
>>>> Please continue testing, thanks.
>>>>
>>>>
>>>> - Rohit
>>>>
>>>> <https://cloudstack.apache.org>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>
>>>> Here’s the jira id:
>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>
>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
>>>> got session expired immediately.
>>>>
>>>> Regards,
>>>> Boris Stoyanov
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>>
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>> @shapeblue
>>>>
>>>>
>>>>
>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>> <Mi...@netapp.com>>>
>>>> wrote:
>>>>
>>>> Hi everyone,
>>>>
>>>> For the past couple days, I have been running the KVM managed-storage
>>>> regression-test suite against RC1.
>>>>
>>>> With the exception of one issue (more on this below), all of these tests have
>>>> passed.
>>>>
>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>
>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>> managed-storage tests.
>>>>
>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>> suspect all of those tests will come back successful.
>>>>
>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>
>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>> from NFS or Ceph to managed storage.
>>>>
>>>> During the code-review process, I made a change per a suggestion and it
>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>> code and only impacts this one use case. If you are testing this release
>>>> candidate and don’t really care about this particular feature, it should not at
>>>> all impact your ability to test RC1.
>>>>
>>>> Thanks!
>>>> Mike
>>>>
>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>> <ro...@apache.org>>>
>>>> wrote:
>>>>
>>>> Hi All,
>>>>
>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>> testing and a vote:
>>>>
>>>> Git Branch and Commit SH:
>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>
>>>> Source release (checksums and signatures are available at the same
>>>> location):
>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>
>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>
>>>> The vote will be open for 72 hours.
>>>>
>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>> "(binding)" with their vote?
>>>>
>>>> [ ] +1 approve
>>>> [ ] +0 no opinion
>>>> [ ] -1 disapprove (and reason why)
>>>>
>>>> Additional information:
>>>>
>>>> For users' convenience, I've built packages from
>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>
>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>> upgrade section has been updated. You may refer the following for
>>>> systemvmtemplate upgrade testing:
>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>
>>>> 4.11 systemvmtemplates are available from here:
>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>
>>>> Regards,
> >>> Rohit Yadav
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
Hey Nux,
There is quite a bit of tuning you can do, to speed or slow CloudStack's decision making, but we need to be sure that when we lose contact with a host agent, that the VMs themselves really are dead. By default host-ha is set to be super sure.
There are various timeouts which can be configured to decide how long to wait for a host to restart before deciding that it is not going to start as well as how many times we should check for disk activity from the resident VMs of a suspect host.
The parameters are detailed here.
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Host+HA
Honestly, the aim of Host HA was to fix the particular issue that you are describing as we can't remember a time when it did work reliably.
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-----Original Message-----
From: Nux! [mailto:nux@li.nux.ro]
Sent: 23 January 2018 19:08
To: users <us...@cloudstack.apache.org>
Cc: dev <de...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
To be honest I do not remember when I last saw this, as I have not been testing ACS in 2017.
You'd kill a HV, the VMs would pop up on another after a few minutes.
Even with Host HA, the VMs remain down until the hypervisor is back up, restarted by OOBM - however if that HV has suffered a HW fault and needs to be removed, then those VM will be down for a long time ...
Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS - is essentially broken?
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>, "dev"
> <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 16:02:54
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hi Nux,
>
> When have you seen the VMs on KVM behaving in the manner which you are
> expecting? I recall it didn’t work that way in the mid 4.5 versions
> (we found out the hard way in front of a customer) and it doesn't
> behave the way you are expecting 4.9 - I've just tested it.
>
> You need host-ha enabled to get reliable HA in the event of a host
> crash, that is why we developed the host ha feature.
>
> Kind regards,
>
> Paul Angus
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 15:06
> To: dev <de...@cloudstack.apache.org>
> Cc: users <us...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Rohit,
>
> I'll also have to insist with the VM HA issue.
> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Rohit Yadav" <ro...@shapeblue.com>
>> To: "dev" <de...@cloudstack.apache.org>, "users"
>> <us...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 14:28:34
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> All,
>>
>>
>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>> RC2 only after we manage to get them reviewed, tested and merged.
>>
>>
>> The outstanding PRs considered for RC2 are:
>>
>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>> for security groups)
>>
>> https://github.com/apache/cloudstack/pull/2419 (Password server
>> issue)
>>
>>
>> In addition we've following issues to receive fixes:
>>
>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>
>> - Dynamic roles upgrade fixes:
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>
>>
>> Please share any other issues you've found, or I've missed. Thanks,
>> and continue testing RC1.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Rohit Yadav <ro...@shapeblue.com>
>> Sent: Monday, January 22, 2018 11:18:27 AM
>> To: Paul Angus; users@cloudstack.apache.org;
>> dev@cloudstack.apache.org
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>> had discussed this as a doc bug and so it must be documented part of
>> the 4.11 release notes as well.
>>
>>
>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>
>>
>> 1. Enable dynamic.apichecker.enabled to true which will use the
>> default api mapping of rules from 4.8 commands.properties and
>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>> Or,
>>
>> 2. The migration script is only useful where admins were not using
>> the default api rule mappings and they strictly want to
>> check/migrate each API. This approach requires admins to go through
>> new APIs and fix commands.properties before running the migration
>> scriopt (we've been sharing the new/change API list in release notes, for example:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>> (for reference, doc:
>>
>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/
>> e
>> n/latest/accounts.html#using-dynamic-roles)
>>
>>
>> Unlike the dynamic API checker, the static checker does not even
>> allow the root API to access all the APIs which is why post upgrade,
>> if the UI calls any API that is not allowed for the root admin (in
>> this case the quotaIsEnabled API) the UI will logout the user on API
>> unauthorized failure which is what happened.
>>
>>
>> So, we can discuss two fixes:
>>
>> - Like dynamic checker, let the static checker allow all APIs only to
>> the root admin (id=1) (I would not prefer to change the legacy
>> behaviour though)
>>
>> - During upgrade, if commands.properties is missing we set the global
>> setting to true, i.e. switch to dynamic roles (which would happen if
>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>
>>
>> Thoughts?
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Paul Angus
>> Sent: Monday, January 22, 2018 9:24:25 AM
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> If I've understood the issue correctly, "not being able to log in if upgrading
>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>> of the Admin, to fix our oversights. Migration to the use of dynamic
>> roles is also broken as the command will be missing from
>> commands.properties in the first place, so the 'migrated' commands
>> will not be complete.
>>
>> As there will need to be an RC2, IMO this upgrade issue should be
>> fixed as part of it.
>>
>>
>>
>> Kind regards,
>>
>> Paul Angus
>>
>>
>> VP Technology
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>> Sent: 22 January 2018 07:31
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>> dev@cloudstack.apache.org; Daan Hoogland
>> <da...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Paul,
>> Migration script considers only what’s in the command.properties
>> file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not
>> create a rule for it. As Rohit mentioned it’s a duty of the admin to
>> take care of aligning this up. I’m also not big fan of having this
>> described in release notes, but would like to be included
>> automatically during upgrade. Main argument against it, its not a blocker.
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>
>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>> use of commands.properties?
>>>
>>> But for people upgrading from a version before dynamic roles, does
>>> the migration script take into account (or need to take into
>>> account) the ‘missing’
>>> quotaIsEnabled=15 parameter?
>>>
>>>
>>>
>>>
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Rohit Yadav
>>> Sent: 19 January 2018 09:27
>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>> Paul Angus <pa...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>>
>>> Hi Bobby,
>>>
>>>
>>>
>>> Agree, it's not user-friendly which is why admins should migrate to
>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>> if an admin wants to stick to the old static (commands.properties)
>>> way, they need to manage changes themselves. We may add something to
>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>
>>>
>>>
>>> - Rohit
>>>
>>>
>>>
>>> Software Architect
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>> To: users
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Rohit,
>>>
>>> That doesn’t sound much user friendly what do you think? Can we look
>>> for a way to automate this dependency in the upgrade process?
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>> <ro...@shapeblue.com>> wrote:
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of
>>>> how static checker with commands.properties work, admins will be
>>>> required to add/update new API/ACLs in the commands.properties file.
>>>>
>>>> Adding the following to commands.properties file and restarting
>>>> mgmt server fixes the issue:
>>>>
>>>> quotaIsEnabled=15
>>>>
>>>>
>>>> Please continue testing, thanks.
>>>>
>>>>
>>>> - Rohit
>>>>
>>>> <https://cloudstack.apache.org>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>
>>>> Here’s the jira id:
>>>> https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>
>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and
>>>> got session expired immediately.
>>>>
>>>> Regards,
>>>> Boris Stoyanov
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>>
>>>>
>>>>
>>>>
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>> @shapeblue
>>>>
>>>>
>>>>
>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>> <Mi...@netapp.com>>>
>>>> wrote:
>>>>
>>>> Hi everyone,
>>>>
>>>> For the past couple days, I have been running the KVM managed-storage
>>>> regression-test suite against RC1.
>>>>
>>>> With the exception of one issue (more on this below), all of these tests have
>>>> passed.
>>>>
>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>
>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>> managed-storage tests.
>>>>
>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>> suspect all of those tests will come back successful.
>>>>
>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>
>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>> from NFS or Ceph to managed storage.
>>>>
>>>> During the code-review process, I made a change per a suggestion and it
>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>> code and only impacts this one use case. If you are testing this release
>>>> candidate and don’t really care about this particular feature, it should not at
>>>> all impact your ability to test RC1.
>>>>
>>>> Thanks!
>>>> Mike
>>>>
>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>> <ro...@apache.org>>>
>>>> wrote:
>>>>
>>>> Hi All,
>>>>
>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>> testing and a vote:
>>>>
>>>> Git Branch and Commit SH:
>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>
>>>> Source release (checksums and signatures are available at the same
>>>> location):
>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>
>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>
>>>> The vote will be open for 72 hours.
>>>>
>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>> "(binding)" with their vote?
>>>>
>>>> [ ] +1 approve
>>>> [ ] +0 no opinion
>>>> [ ] -1 disapprove (and reason why)
>>>>
>>>> Additional information:
>>>>
>>>> For users' convenience, I've built packages from
>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>
>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>> upgrade section has been updated. You may refer the following for
>>>> systemvmtemplate upgrade testing:
>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>
>>>> 4.11 systemvmtemplates are available from here:
>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>
>>>> Regards,
> >>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Nux! <nu...@li.nux.ro>.
Hi Paul,
To be honest I do not remember when I last saw this, as I have not been testing ACS in 2017.
You'd kill a HV, the VMs would pop up on another after a few minutes.
Even with Host HA, the VMs remain down until the hypervisor is back up, restarted by OOBM - however if that HV has suffered a HW fault and needs to be removed, then those VM will be down for a long time ...
Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS - is essentially broken?
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>, "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 16:02:54
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hi Nux,
>
> When have you seen the VMs on KVM behaving in the manner which you are
> expecting? I recall it didn’t work that way in the mid 4.5 versions (we found
> out the hard way in front of a customer) and it doesn't behave the way you are
> expecting 4.9 - I've just tested it.
>
> You need host-ha enabled to get reliable HA in the event of a host crash, that
> is why we developed the host ha feature.
>
> Kind regards,
>
> Paul Angus
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 15:06
> To: dev <de...@cloudstack.apache.org>
> Cc: users <us...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Rohit,
>
> I'll also have to insist with the VM HA issue.
> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Rohit Yadav" <ro...@shapeblue.com>
>> To: "dev" <de...@cloudstack.apache.org>, "users"
>> <us...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 14:28:34
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> All,
>>
>>
>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>> RC2 only after we manage to get them reviewed, tested and merged.
>>
>>
>> The outstanding PRs considered for RC2 are:
>>
>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>> for security groups)
>>
>> https://github.com/apache/cloudstack/pull/2419 (Password server issue)
>>
>>
>> In addition we've following issues to receive fixes:
>>
>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>
>> - Dynamic roles upgrade fixes:
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>
>>
>> Please share any other issues you've found, or I've missed. Thanks,
>> and continue testing RC1.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Rohit Yadav <ro...@shapeblue.com>
>> Sent: Monday, January 22, 2018 11:18:27 AM
>> To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>> had discussed this as a doc bug and so it must be documented part of
>> the 4.11 release notes as well.
>>
>>
>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>
>>
>> 1. Enable dynamic.apichecker.enabled to true which will use the
>> default api mapping of rules from 4.8 commands.properties and
>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>> Or,
>>
>> 2. The migration script is only useful where admins were not using
>> the default api rule mappings and they strictly want to check/migrate
>> each API. This approach requires admins to go through new APIs and
>> fix commands.properties before running the migration scriopt (we've
>> been sharing the new/change API list in release notes, for example:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>> (for reference, doc:
>>
>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/e
>> n/latest/accounts.html#using-dynamic-roles)
>>
>>
>> Unlike the dynamic API checker, the static checker does not even allow
>> the root API to access all the APIs which is why post upgrade, if the
>> UI calls any API that is not allowed for the root admin (in this case
>> the quotaIsEnabled API) the UI will logout the user on API unauthorized failure
>> which is what happened.
>>
>>
>> So, we can discuss two fixes:
>>
>> - Like dynamic checker, let the static checker allow all APIs only to
>> the root admin (id=1) (I would not prefer to change the legacy
>> behaviour though)
>>
>> - During upgrade, if commands.properties is missing we set the global
>> setting to true, i.e. switch to dynamic roles (which would happen if
>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>
>>
>> Thoughts?
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Paul Angus
>> Sent: Monday, January 22, 2018 9:24:25 AM
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> If I've understood the issue correctly, "not being able to log in if upgrading
>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>> of the Admin, to fix our oversights. Migration to the use of dynamic
>> roles is also broken as the command will be missing from
>> commands.properties in the first place, so the 'migrated' commands will not be
>> complete.
>>
>> As there will need to be an RC2, IMO this upgrade issue should be
>> fixed as part of it.
>>
>>
>>
>> Kind regards,
>>
>> Paul Angus
>>
>>
>> VP Technology
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>> Sent: 22 January 2018 07:31
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>> dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Paul,
>> Migration script considers only what’s in the command.properties file,
>> so if the ‘missing’ quotaIsEnabled=15 is not there it will not create
>> a rule for it. As Rohit mentioned it’s a duty of the admin to take
>> care of aligning this up. I’m also not big fan of having this
>> described in release notes, but would like to be included
>> automatically during upgrade. Main argument against it, its not a blocker.
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>
>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>> use of commands.properties?
>>>
>>> But for people upgrading from a version before dynamic roles, does
>>> the migration script take into account (or need to take into account) the
>>> ‘missing’
>>> quotaIsEnabled=15 parameter?
>>>
>>>
>>>
>>>
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Rohit Yadav
>>> Sent: 19 January 2018 09:27
>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>> Paul Angus <pa...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>>
>>> Hi Bobby,
>>>
>>>
>>>
>>> Agree, it's not user-friendly which is why admins should migrate to
>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>> if an admin wants to stick to the old static (commands.properties)
>>> way, they need to manage changes themselves. We may add something to
>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>
>>>
>>>
>>> - Rohit
>>>
>>>
>>>
>>> Software Architect
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>> To: users
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Rohit,
>>>
>>> That doesn’t sound much user friendly what do you think? Can we look
>>> for a way to automate this dependency in the upgrade process?
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>> <ro...@shapeblue.com>> wrote:
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static
>>>> checker with commands.properties work, admins will be required to add/update
>>>> new API/ACLs in the commands.properties file.
>>>>
>>>> Adding the following to commands.properties file and restarting mgmt server
>>>> fixes the issue:
>>>>
>>>> quotaIsEnabled=15
>>>>
>>>>
>>>> Please continue testing, thanks.
>>>>
>>>>
>>>> - Rohit
>>>>
>>>> <https://cloudstack.apache.org>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>
>>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>
>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session
>>>> expired immediately.
>>>>
>>>> Regards,
>>>> Boris Stoyanov
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>> @shapeblue
>>>>
>>>>
>>>>
>>>>
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>> @shapeblue
>>>>
>>>>
>>>>
>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>> <Mi...@netapp.com>>>
>>>> wrote:
>>>>
>>>> Hi everyone,
>>>>
>>>> For the past couple days, I have been running the KVM managed-storage
>>>> regression-test suite against RC1.
>>>>
>>>> With the exception of one issue (more on this below), all of these tests have
>>>> passed.
>>>>
>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>
>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>> managed-storage tests.
>>>>
>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>> suspect all of those tests will come back successful.
>>>>
>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>
>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>> from NFS or Ceph to managed storage.
>>>>
>>>> During the code-review process, I made a change per a suggestion and it
>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>> code and only impacts this one use case. If you are testing this release
>>>> candidate and don’t really care about this particular feature, it should not at
>>>> all impact your ability to test RC1.
>>>>
>>>> Thanks!
>>>> Mike
>>>>
>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>> <ro...@apache.org>>>
>>>> wrote:
>>>>
>>>> Hi All,
>>>>
>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>> testing and a vote:
>>>>
>>>> Git Branch and Commit SH:
>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>
>>>> Source release (checksums and signatures are available at the same
>>>> location):
>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>
>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>
>>>> The vote will be open for 72 hours.
>>>>
>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>> "(binding)" with their vote?
>>>>
>>>> [ ] +1 approve
>>>> [ ] +0 no opinion
>>>> [ ] -1 disapprove (and reason why)
>>>>
>>>> Additional information:
>>>>
>>>> For users' convenience, I've built packages from
>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>
>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>> upgrade section has been updated. You may refer the following for
>>>> systemvmtemplate upgrade testing:
>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>
>>>> 4.11 systemvmtemplates are available from here:
>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>
>>>> Regards,
> >>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Nux! <nu...@li.nux.ro>.
Hi Paul,
To be honest I do not remember when I last saw this, as I have not been testing ACS in 2017.
You'd kill a HV, the VMs would pop up on another after a few minutes.
Even with Host HA, the VMs remain down until the hypervisor is back up, restarted by OOBM - however if that HV has suffered a HW fault and needs to be removed, then those VM will be down for a long time ...
Unless I got things quite wrong, (VM) HA - one of the big selling points of ACS - is essentially broken?
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Paul Angus" <pa...@shapeblue.com>
> To: "users" <us...@cloudstack.apache.org>, "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 16:02:54
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Hi Nux,
>
> When have you seen the VMs on KVM behaving in the manner which you are
> expecting? I recall it didn’t work that way in the mid 4.5 versions (we found
> out the hard way in front of a customer) and it doesn't behave the way you are
> expecting 4.9 - I've just tested it.
>
> You need host-ha enabled to get reliable HA in the event of a host crash, that
> is why we developed the host ha feature.
>
> Kind regards,
>
> Paul Angus
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Nux! [mailto:nux@li.nux.ro]
> Sent: 23 January 2018 15:06
> To: dev <de...@cloudstack.apache.org>
> Cc: users <us...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Rohit,
>
> I'll also have to insist with the VM HA issue.
> https://issues.apache.org/jira/browse/CLOUDSTACK-10246
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> ----- Original Message -----
>> From: "Rohit Yadav" <ro...@shapeblue.com>
>> To: "dev" <de...@cloudstack.apache.org>, "users"
>> <us...@cloudstack.apache.org>
>> Sent: Tuesday, 23 January, 2018 14:28:34
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>> All,
>>
>>
>> Given we've outstanding blockers and PRs in review/testing, I'll cut
>> RC2 only after we manage to get them reviewed, tested and merged.
>>
>>
>> The outstanding PRs considered for RC2 are:
>>
>> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
>> for security groups)
>>
>> https://github.com/apache/cloudstack/pull/2419 (Password server issue)
>>
>>
>> In addition we've following issues to receive fixes:
>>
>> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>>
>> - Dynamic roles upgrade fixes:
>> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>>
>>
>> Please share any other issues you've found, or I've missed. Thanks,
>> and continue testing RC1.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Rohit Yadav <ro...@shapeblue.com>
>> Sent: Monday, January 22, 2018 11:18:27 AM
>> To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
>> had discussed this as a doc bug and so it must be documented part of
>> the 4.11 release notes as well.
>>
>>
>> There are two ways admin can migrate to dynamic roles post-upgrade:
>>
>>
>> 1. Enable dynamic.apichecker.enabled to true which will use the
>> default api mapping of rules from 4.8 commands.properties and
>> automatic annotation based and (db-backed) dynamic rules from 4.9+.
>> Or,
>>
>> 2. The migration script is only useful where admins were not using
>> the default api rule mappings and they strictly want to check/migrate
>> each API. This approach requires admins to go through new APIs and
>> fix commands.properties before running the migration scriopt (we've
>> been sharing the new/change API list in release notes, for example:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
>> (for reference, doc:
>>
>> http://docs.cloudstack.apache.org/projects/cloudstack-administration/e
>> n/latest/accounts.html#using-dynamic-roles)
>>
>>
>> Unlike the dynamic API checker, the static checker does not even allow
>> the root API to access all the APIs which is why post upgrade, if the
>> UI calls any API that is not allowed for the root admin (in this case
>> the quotaIsEnabled API) the UI will logout the user on API unauthorized failure
>> which is what happened.
>>
>>
>> So, we can discuss two fixes:
>>
>> - Like dynamic checker, let the static checker allow all APIs only to
>> the root admin (id=1) (I would not prefer to change the legacy
>> behaviour though)
>>
>> - During upgrade, if commands.properties is missing we set the global
>> setting to true, i.e. switch to dynamic roles (which would happen if
>> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
>> they fail to copy the commands.properties file from /usr/share or /etc paths).
>>
>>
>> Thoughts?
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Paul Angus
>> Sent: Monday, January 22, 2018 9:24:25 AM
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
>> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> If I've understood the issue correctly, "not being able to log in if upgrading
>> from 4.5" is a blocker in my book. I don't think that it should be the duty
>> of the Admin, to fix our oversights. Migration to the use of dynamic
>> roles is also broken as the command will be missing from
>> commands.properties in the first place, so the 'migrated' commands will not be
>> complete.
>>
>> As there will need to be an RC2, IMO this upgrade issue should be
>> fixed as part of it.
>>
>>
>>
>> Kind regards,
>>
>> Paul Angus
>>
>>
>> VP Technology
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
>> Sent: 22 January 2018 07:31
>> To: users@cloudstack.apache.org
>> Cc: Rohit Yadav <ro...@shapeblue.com>;
>> dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Paul,
>> Migration script considers only what’s in the command.properties file,
>> so if the ‘missing’ quotaIsEnabled=15 is not there it will not create
>> a rule for it. As Rohit mentioned it’s a duty of the admin to take
>> care of aligning this up. I’m also not big fan of having this
>> described in release notes, but would like to be included
>> automatically during upgrade. Main argument against it, its not a blocker.
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>>
>>> OK, just to confirm ‘we’ the community have basically deprecated the
>>> use of commands.properties?
>>>
>>> But for people upgrading from a version before dynamic roles, does
>>> the migration script take into account (or need to take into account) the
>>> ‘missing’
>>> quotaIsEnabled=15 parameter?
>>>
>>>
>>>
>>>
>>> paul.angus@shapeblue.com
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>> From: Rohit Yadav
>>> Sent: 19 January 2018 09:27
>>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>>> Paul Angus <pa...@shapeblue.com>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>>
>>> Hi Bobby,
>>>
>>>
>>>
>>> Agree, it's not user-friendly which is why admins should migrate to
>>> the dynamic roles feature. But I'm not sure if this is a blocker and
>>> if an admin wants to stick to the old static (commands.properties)
>>> way, they need to manage changes themselves. We may add something to
>>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>>
>>>
>>>
>>> - Rohit
>>>
>>>
>>>
>>> Software Architect
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Friday, January 19, 2018 2:51:32 PM
>>> To: users
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> Hi Rohit,
>>>
>>> That doesn’t sound much user friendly what do you think? Can we look
>>> for a way to automate this dependency in the upgrade process?
>>>
>>> Bobby.
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>>
>>>
>>>
>>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>>> <ro...@shapeblue.com>> wrote:
>>>>
>>>> Hi Bobby,
>>>>
>>>>
>>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static
>>>> checker with commands.properties work, admins will be required to add/update
>>>> new API/ACLs in the commands.properties file.
>>>>
>>>> Adding the following to commands.properties file and restarting mgmt server
>>>> fixes the issue:
>>>>
>>>> quotaIsEnabled=15
>>>>
>>>>
>>>> Please continue testing, thanks.
>>>>
>>>>
>>>> - Rohit
>>>>
>>>> <https://cloudstack.apache.org>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> From: Boris Stoyanov
>>>> <bo...@shapeblue.com>>
>>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>>
>>>> I think I’ve hit a blocker when upgrading to 4.11
>>>>
>>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>>
>>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session
>>>> expired immediately.
>>>>
>>>> Regards,
>>>> Boris Stoyanov
>>>>
>>>>
>>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>> @shapeblue
>>>>
>>>>
>>>>
>>>>
>>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>>> www.shapeblue.com<http://www.shapeblue.com>
>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>> @shapeblue
>>>>
>>>>
>>>>
>>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>>> <Mi...@netapp.com>>>
>>>> wrote:
>>>>
>>>> Hi everyone,
>>>>
>>>> For the past couple days, I have been running the KVM managed-storage
>>>> regression-test suite against RC1.
>>>>
>>>> With the exception of one issue (more on this below), all of these tests have
>>>> passed.
>>>>
>>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>>
>>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>>> managed-storage tests.
>>>>
>>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>>> suspect all of those tests will come back successful.
>>>>
>>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>>
>>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>>> from NFS or Ceph to managed storage.
>>>>
>>>> During the code-review process, I made a change per a suggestion and it
>>>> introduced an issue with this feature. The solution is just a couple lines of
>>>> code and only impacts this one use case. If you are testing this release
>>>> candidate and don’t really care about this particular feature, it should not at
>>>> all impact your ability to test RC1.
>>>>
>>>> Thanks!
>>>> Mike
>>>>
>>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>>> <ro...@apache.org>>>
>>>> wrote:
>>>>
>>>> Hi All,
>>>>
>>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>>> testing and a vote:
>>>>
>>>> Git Branch and Commit SH:
>>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>>
>>>> Source release (checksums and signatures are available at the same
>>>> location):
>>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>>
>>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>>
>>>> The vote will be open for 72 hours.
>>>>
>>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>>> "(binding)" with their vote?
>>>>
>>>> [ ] +1 approve
>>>> [ ] +0 no opinion
>>>> [ ] -1 disapprove (and reason why)
>>>>
>>>> Additional information:
>>>>
>>>> For users' convenience, I've built packages from
>>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>>
>>>> The release notes are still work-in-progress, but the systemvmtemplate
>>>> upgrade section has been updated. You may refer the following for
>>>> systemvmtemplate upgrade testing:
>>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>>
>>>> 4.11 systemvmtemplates are available from here:
>>>> https://download.cloudstack.org/systemvm/4.11/
>>>>
>>>> Regards,
> >>> Rohit Yadav
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
Hi Nux,
When have you seen the VMs on KVM behaving in the manner which you are expecting? I recall it didn’t work that way in the mid 4.5 versions (we found out the hard way in front of a customer) and it doesn't behave the way you are expecting 4.9 - I've just tested it.
You need host-ha enabled to get reliable HA in the event of a host crash, that is why we developed the host ha feature.
Kind regards,
Paul Angus
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-----Original Message-----
From: Nux! [mailto:nux@li.nux.ro]
Sent: 23 January 2018 15:06
To: dev <de...@cloudstack.apache.org>
Cc: users <us...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Rohit,
I'll also have to insist with the VM HA issue.
https://issues.apache.org/jira/browse/CLOUDSTACK-10246
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Rohit Yadav" <ro...@shapeblue.com>
> To: "dev" <de...@cloudstack.apache.org>, "users"
> <us...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 14:28:34
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> All,
>
>
> Given we've outstanding blockers and PRs in review/testing, I'll cut
> RC2 only after we manage to get them reviewed, tested and merged.
>
>
> The outstanding PRs considered for RC2 are:
>
> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
> for security groups)
>
> https://github.com/apache/cloudstack/pull/2419 (Password server issue)
>
>
> In addition we've following issues to receive fixes:
>
> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>
> - Dynamic roles upgrade fixes:
> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>
>
> Please share any other issues you've found, or I've missed. Thanks,
> and continue testing RC1.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Rohit Yadav <ro...@shapeblue.com>
> Sent: Monday, January 22, 2018 11:18:27 AM
> To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
> had discussed this as a doc bug and so it must be documented part of
> the 4.11 release notes as well.
>
>
> There are two ways admin can migrate to dynamic roles post-upgrade:
>
>
> 1. Enable dynamic.apichecker.enabled to true which will use the
> default api mapping of rules from 4.8 commands.properties and
> automatic annotation based and (db-backed) dynamic rules from 4.9+.
> Or,
>
> 2. The migration script is only useful where admins were not using
> the default api rule mappings and they strictly want to check/migrate
> each API. This approach requires admins to go through new APIs and
> fix commands.properties before running the migration scriopt (we've
> been sharing the new/change API list in release notes, for example:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
> (for reference, doc:
>
> http://docs.cloudstack.apache.org/projects/cloudstack-administration/e
> n/latest/accounts.html#using-dynamic-roles)
>
>
> Unlike the dynamic API checker, the static checker does not even allow
> the root API to access all the APIs which is why post upgrade, if the
> UI calls any API that is not allowed for the root admin (in this case
> the quotaIsEnabled API) the UI will logout the user on API unauthorized failure which is what happened.
>
>
> So, we can discuss two fixes:
>
> - Like dynamic checker, let the static checker allow all APIs only to
> the root admin (id=1) (I would not prefer to change the legacy
> behaviour though)
>
> - During upgrade, if commands.properties is missing we set the global
> setting to true, i.e. switch to dynamic roles (which would happen if
> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
> they fail to copy the commands.properties file from /usr/share or /etc paths).
>
>
> Thoughts?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Paul Angus
> Sent: Monday, January 22, 2018 9:24:25 AM
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> If I've understood the issue correctly, "not being able to log in if upgrading
> from 4.5" is a blocker in my book. I don't think that it should be the duty
> of the Admin, to fix our oversights. Migration to the use of dynamic
> roles is also broken as the command will be missing from
> commands.properties in the first place, so the 'migrated' commands will not be complete.
>
> As there will need to be an RC2, IMO this upgrade issue should be
> fixed as part of it.
>
>
>
> Kind regards,
>
> Paul Angus
>
>
> VP Technology
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
> -----Original Message-----
> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> Sent: 22 January 2018 07:31
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav <ro...@shapeblue.com>;
> dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
> Migration script considers only what’s in the command.properties file,
> so if the ‘missing’ quotaIsEnabled=15 is not there it will not create
> a rule for it. As Rohit mentioned it’s a duty of the admin to take
> care of aligning this up. I’m also not big fan of having this
> described in release notes, but would like to be included
> automatically during upgrade. Main argument against it, its not a blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>
>> OK, just to confirm ‘we’ the community have basically deprecated the
>> use of commands.properties?
>>
>> But for people upgrading from a version before dynamic roles, does
>> the migration script take into account (or need to take into account) the ‘missing’
>> quotaIsEnabled=15 parameter?
>>
>>
>>
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Rohit Yadav
>> Sent: 19 January 2018 09:27
>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>> Paul Angus <pa...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>
>> Hi Bobby,
>>
>>
>>
>> Agree, it's not user-friendly which is why admins should migrate to
>> the dynamic roles feature. But I'm not sure if this is a blocker and
>> if an admin wants to stick to the old static (commands.properties)
>> way, they need to manage changes themselves. We may add something to
>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>
>>
>>
>> - Rohit
>>
>>
>>
>> Software Architect
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov
>> <bo...@shapeblue.com>>
>> Sent: Friday, January 19, 2018 2:51:32 PM
>> To: users
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Rohit,
>>
>> That doesn’t sound much user friendly what do you think? Can we look
>> for a way to automate this dependency in the upgrade process?
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>> <ro...@shapeblue.com>> wrote:
>>>
>>> Hi Bobby,
>>>
>>>
>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static
>>> checker with commands.properties work, admins will be required to add/update
>>> new API/ACLs in the commands.properties file.
>>>
>>> Adding the following to commands.properties file and restarting mgmt server
>>> fixes the issue:
>>>
>>> quotaIsEnabled=15
>>>
>>>
>>> Please continue testing, thanks.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> I think I’ve hit a blocker when upgrading to 4.11
>>>
>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>
>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session
>>> expired immediately.
>>>
>>> Regards,
>>> Boris Stoyanov
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>> <Mi...@netapp.com>>>
>>> wrote:
>>>
>>> Hi everyone,
>>>
>>> For the past couple days, I have been running the KVM managed-storage
>>> regression-test suite against RC1.
>>>
>>> With the exception of one issue (more on this below), all of these tests have
>>> passed.
>>>
>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>
>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>> managed-storage tests.
>>>
>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>> suspect all of those tests will come back successful.
>>>
>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>
>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>> from NFS or Ceph to managed storage.
>>>
>>> During the code-review process, I made a change per a suggestion and it
>>> introduced an issue with this feature. The solution is just a couple lines of
>>> code and only impacts this one use case. If you are testing this release
>>> candidate and don’t really care about this particular feature, it should not at
>>> all impact your ability to test RC1.
>>>
>>> Thanks!
>>> Mike
>>>
>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>> <ro...@apache.org>>>
>>> wrote:
>>>
>>> Hi All,
>>>
>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>> testing and a vote:
>>>
>>> Git Branch and Commit SH:
>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>
>>> Source release (checksums and signatures are available at the same
>>> location):
>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>
>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>
>>> The vote will be open for 72 hours.
>>>
>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>> "(binding)" with their vote?
>>>
>>> [ ] +1 approve
>>> [ ] +0 no opinion
>>> [ ] -1 disapprove (and reason why)
>>>
>>> Additional information:
>>>
>>> For users' convenience, I've built packages from
>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>
>>> The release notes are still work-in-progress, but the systemvmtemplate
>>> upgrade section has been updated. You may refer the following for
>>> systemvmtemplate upgrade testing:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>
>>> 4.11 systemvmtemplates are available from here:
>>> https://download.cloudstack.org/systemvm/4.11/
>>>
>>> Regards,
>>> Rohit Yadav
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
Hi Nux,
When have you seen the VMs on KVM behaving in the manner which you are expecting? I recall it didn’t work that way in the mid 4.5 versions (we found out the hard way in front of a customer) and it doesn't behave the way you are expecting 4.9 - I've just tested it.
You need host-ha enabled to get reliable HA in the event of a host crash, that is why we developed the host ha feature.
Kind regards,
Paul Angus
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-----Original Message-----
From: Nux! [mailto:nux@li.nux.ro]
Sent: 23 January 2018 15:06
To: dev <de...@cloudstack.apache.org>
Cc: users <us...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Rohit,
I'll also have to insist with the VM HA issue.
https://issues.apache.org/jira/browse/CLOUDSTACK-10246
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Rohit Yadav" <ro...@shapeblue.com>
> To: "dev" <de...@cloudstack.apache.org>, "users"
> <us...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 14:28:34
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> All,
>
>
> Given we've outstanding blockers and PRs in review/testing, I'll cut
> RC2 only after we manage to get them reviewed, tested and merged.
>
>
> The outstanding PRs considered for RC2 are:
>
> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules
> for security groups)
>
> https://github.com/apache/cloudstack/pull/2419 (Password server issue)
>
>
> In addition we've following issues to receive fixes:
>
> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>
> - Dynamic roles upgrade fixes:
> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>
>
> Please share any other issues you've found, or I've missed. Thanks,
> and continue testing RC1.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Rohit Yadav <ro...@shapeblue.com>
> Sent: Monday, January 22, 2018 11:18:27 AM
> To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we
> had discussed this as a doc bug and so it must be documented part of
> the 4.11 release notes as well.
>
>
> There are two ways admin can migrate to dynamic roles post-upgrade:
>
>
> 1. Enable dynamic.apichecker.enabled to true which will use the
> default api mapping of rules from 4.8 commands.properties and
> automatic annotation based and (db-backed) dynamic rules from 4.9+.
> Or,
>
> 2. The migration script is only useful where admins were not using
> the default api rule mappings and they strictly want to check/migrate
> each API. This approach requires admins to go through new APIs and
> fix commands.properties before running the migration scriopt (we've
> been sharing the new/change API list in release notes, for example:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
> (for reference, doc:
>
> http://docs.cloudstack.apache.org/projects/cloudstack-administration/e
> n/latest/accounts.html#using-dynamic-roles)
>
>
> Unlike the dynamic API checker, the static checker does not even allow
> the root API to access all the APIs which is why post upgrade, if the
> UI calls any API that is not allowed for the root admin (in this case
> the quotaIsEnabled API) the UI will logout the user on API unauthorized failure which is what happened.
>
>
> So, we can discuss two fixes:
>
> - Like dynamic checker, let the static checker allow all APIs only to
> the root admin (id=1) (I would not prefer to change the legacy
> behaviour though)
>
> - During upgrade, if commands.properties is missing we set the global
> setting to true, i.e. switch to dynamic roles (which would happen if
> someone tries to upgrade from 4.5->4.11 using a new mgmt server if
> they fail to copy the commands.properties file from /usr/share or /etc paths).
>
>
> Thoughts?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Paul Angus
> Sent: Monday, January 22, 2018 9:24:25 AM
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> If I've understood the issue correctly, "not being able to log in if upgrading
> from 4.5" is a blocker in my book. I don't think that it should be the duty
> of the Admin, to fix our oversights. Migration to the use of dynamic
> roles is also broken as the command will be missing from
> commands.properties in the first place, so the 'migrated' commands will not be complete.
>
> As there will need to be an RC2, IMO this upgrade issue should be
> fixed as part of it.
>
>
>
> Kind regards,
>
> Paul Angus
>
>
> VP Technology
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
> -----Original Message-----
> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> Sent: 22 January 2018 07:31
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav <ro...@shapeblue.com>;
> dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
> Migration script considers only what’s in the command.properties file,
> so if the ‘missing’ quotaIsEnabled=15 is not there it will not create
> a rule for it. As Rohit mentioned it’s a duty of the admin to take
> care of aligning this up. I’m also not big fan of having this
> described in release notes, but would like to be included
> automatically during upgrade. Main argument against it, its not a blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>
>> OK, just to confirm ‘we’ the community have basically deprecated the
>> use of commands.properties?
>>
>> But for people upgrading from a version before dynamic roles, does
>> the migration script take into account (or need to take into account) the ‘missing’
>> quotaIsEnabled=15 parameter?
>>
>>
>>
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Rohit Yadav
>> Sent: 19 January 2018 09:27
>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org;
>> Paul Angus <pa...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>
>> Hi Bobby,
>>
>>
>>
>> Agree, it's not user-friendly which is why admins should migrate to
>> the dynamic roles feature. But I'm not sure if this is a blocker and
>> if an admin wants to stick to the old static (commands.properties)
>> way, they need to manage changes themselves. We may add something to
>> the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>
>>
>>
>> - Rohit
>>
>>
>>
>> Software Architect
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov
>> <bo...@shapeblue.com>>
>> Sent: Friday, January 19, 2018 2:51:32 PM
>> To: users
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Rohit,
>>
>> That doesn’t sound much user friendly what do you think? Can we look
>> for a way to automate this dependency in the upgrade process?
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>> <ro...@shapeblue.com>> wrote:
>>>
>>> Hi Bobby,
>>>
>>>
>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static
>>> checker with commands.properties work, admins will be required to add/update
>>> new API/ACLs in the commands.properties file.
>>>
>>> Adding the following to commands.properties file and restarting mgmt server
>>> fixes the issue:
>>>
>>> quotaIsEnabled=15
>>>
>>>
>>> Please continue testing, thanks.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> I think I’ve hit a blocker when upgrading to 4.11
>>>
>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>
>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session
>>> expired immediately.
>>>
>>> Regards,
>>> Boris Stoyanov
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>> <Mi...@netapp.com>>>
>>> wrote:
>>>
>>> Hi everyone,
>>>
>>> For the past couple days, I have been running the KVM managed-storage
>>> regression-test suite against RC1.
>>>
>>> With the exception of one issue (more on this below), all of these tests have
>>> passed.
>>>
>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>
>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>> managed-storage tests.
>>>
>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>> suspect all of those tests will come back successful.
>>>
>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>
>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>> from NFS or Ceph to managed storage.
>>>
>>> During the code-review process, I made a change per a suggestion and it
>>> introduced an issue with this feature. The solution is just a couple lines of
>>> code and only impacts this one use case. If you are testing this release
>>> candidate and don’t really care about this particular feature, it should not at
>>> all impact your ability to test RC1.
>>>
>>> Thanks!
>>> Mike
>>>
>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>> <ro...@apache.org>>>
>>> wrote:
>>>
>>> Hi All,
>>>
>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>> testing and a vote:
>>>
>>> Git Branch and Commit SH:
>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>
>>> Source release (checksums and signatures are available at the same
>>> location):
>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>
>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>
>>> The vote will be open for 72 hours.
>>>
>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>> "(binding)" with their vote?
>>>
>>> [ ] +1 approve
>>> [ ] +0 no opinion
>>> [ ] -1 disapprove (and reason why)
>>>
>>> Additional information:
>>>
>>> For users' convenience, I've built packages from
>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>
>>> The release notes are still work-in-progress, but the systemvmtemplate
>>> upgrade section has been updated. You may refer the following for
>>> systemvmtemplate upgrade testing:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>
>>> 4.11 systemvmtemplates are available from here:
>>> https://download.cloudstack.org/systemvm/4.11/
>>>
>>> Regards,
>>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Nux! <nu...@li.nux.ro>.
Rohit,
I'll also have to insist with the VM HA issue.
https://issues.apache.org/jira/browse/CLOUDSTACK-10246
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Rohit Yadav" <ro...@shapeblue.com>
> To: "dev" <de...@cloudstack.apache.org>, "users" <us...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 14:28:34
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> All,
>
>
> Given we've outstanding blockers and PRs in review/testing, I'll cut RC2 only
> after we manage to get them reviewed, tested and merged.
>
>
> The outstanding PRs considered for RC2 are:
>
> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules for
> security groups)
>
> https://github.com/apache/cloudstack/pull/2419 (Password server issue)
>
>
> In addition we've following issues to receive fixes:
>
> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>
> - Dynamic roles upgrade fixes:
> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>
>
> Please share any other issues you've found, or I've missed. Thanks, and continue
> testing RC1.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Rohit Yadav <ro...@shapeblue.com>
> Sent: Monday, January 22, 2018 11:18:27 AM
> To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we had
> discussed this as a doc bug and so it must be documented part of the 4.11
> release notes as well.
>
>
> There are two ways admin can migrate to dynamic roles post-upgrade:
>
>
> 1. Enable dynamic.apichecker.enabled to true which will use the default api
> mapping of rules from 4.8 commands.properties and automatic annotation based
> and (db-backed) dynamic rules from 4.9+. Or,
>
> 2. The migration script is only useful where admins were not using the default
> api rule mappings and they strictly want to check/migrate each API. This
> approach requires admins to go through new APIs and fix commands.properties
> before running the migration scriopt (we've been sharing the new/change API
> list in release notes, for example:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
> (for reference, doc:
> http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/latest/accounts.html#using-dynamic-roles)
>
>
> Unlike the dynamic API checker, the static checker does not even allow the root
> API to access all the APIs which is why post upgrade, if the UI calls any API
> that is not allowed for the root admin (in this case the quotaIsEnabled API)
> the UI will logout the user on API unauthorized failure which is what happened.
>
>
> So, we can discuss two fixes:
>
> - Like dynamic checker, let the static checker allow all APIs only to the root
> admin (id=1) (I would not prefer to change the legacy behaviour though)
>
> - During upgrade, if commands.properties is missing we set the global setting to
> true, i.e. switch to dynamic roles (which would happen if someone tries to
> upgrade from 4.5->4.11 using a new mgmt server if they fail to copy the
> commands.properties file from /usr/share or /etc paths).
>
>
> Thoughts?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> From: Paul Angus
> Sent: Monday, January 22, 2018 9:24:25 AM
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> If I've understood the issue correctly, "not being able to log in if upgrading
> from 4.5" is a blocker in my book. I don't think that it should be the duty
> of the Admin, to fix our oversights. Migration to the use of dynamic roles is
> also broken as the command will be missing from commands.properties in the
> first place, so the 'migrated' commands will not be complete.
>
> As there will need to be an RC2, IMO this upgrade issue should be fixed as part
> of it.
>
>
>
> Kind regards,
>
> Paul Angus
>
>
> VP Technology
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
> -----Original Message-----
> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> Sent: 22 January 2018 07:31
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan
> Hoogland <da...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
> Migration script considers only what’s in the command.properties file, so if the
> ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As
> Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m
> also not big fan of having this described in release notes, but would like to
> be included automatically during upgrade. Main argument against it, its not a
> blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>
>> OK, just to confirm ‘we’ the community have basically deprecated the use of
>> commands.properties?
>>
>> But for people upgrading from a version before dynamic roles, does the
>> migration script take into account (or need to take into account) the ‘missing’
>> quotaIsEnabled=15 parameter?
>>
>>
>>
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Rohit Yadav
>> Sent: 19 January 2018 09:27
>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus
>> <pa...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>
>> Hi Bobby,
>>
>>
>>
>> Agree, it's not user-friendly which is why admins should migrate to the dynamic
>> roles feature. But I'm not sure if this is a blocker and if an admin wants to
>> stick to the old static (commands.properties) way, they need to manage changes
>> themselves. We may add something to the release notes /cc @Paul
>> Angus<ma...@shapeblue.com>.
>>
>>
>>
>> - Rohit
>>
>>
>>
>> Software Architect
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov
>> <bo...@shapeblue.com>>
>> Sent: Friday, January 19, 2018 2:51:32 PM
>> To: users
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Rohit,
>>
>> That doesn’t sound much user friendly what do you think? Can we look for a way
>> to automate this dependency in the upgrade process?
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>> <ro...@shapeblue.com>> wrote:
>>>
>>> Hi Bobby,
>>>
>>>
>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static
>>> checker with commands.properties work, admins will be required to add/update
>>> new API/ACLs in the commands.properties file.
>>>
>>> Adding the following to commands.properties file and restarting mgmt server
>>> fixes the issue:
>>>
>>> quotaIsEnabled=15
>>>
>>>
>>> Please continue testing, thanks.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> I think I’ve hit a blocker when upgrading to 4.11
>>>
>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>
>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session
>>> expired immediately.
>>>
>>> Regards,
>>> Boris Stoyanov
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>> <Mi...@netapp.com>>>
>>> wrote:
>>>
>>> Hi everyone,
>>>
>>> For the past couple days, I have been running the KVM managed-storage
>>> regression-test suite against RC1.
>>>
>>> With the exception of one issue (more on this below), all of these tests have
>>> passed.
>>>
>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>
>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>> managed-storage tests.
>>>
>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>> suspect all of those tests will come back successful.
>>>
>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>
>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>> from NFS or Ceph to managed storage.
>>>
>>> During the code-review process, I made a change per a suggestion and it
>>> introduced an issue with this feature. The solution is just a couple lines of
>>> code and only impacts this one use case. If you are testing this release
>>> candidate and don’t really care about this particular feature, it should not at
>>> all impact your ability to test RC1.
>>>
>>> Thanks!
>>> Mike
>>>
>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>> <ro...@apache.org>>>
>>> wrote:
>>>
>>> Hi All,
>>>
>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>> testing and a vote:
>>>
>>> Git Branch and Commit SH:
>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>
>>> Source release (checksums and signatures are available at the same
>>> location):
>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>
>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>
>>> The vote will be open for 72 hours.
>>>
>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>> "(binding)" with their vote?
>>>
>>> [ ] +1 approve
>>> [ ] +0 no opinion
>>> [ ] -1 disapprove (and reason why)
>>>
>>> Additional information:
>>>
>>> For users' convenience, I've built packages from
>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>
>>> The release notes are still work-in-progress, but the systemvmtemplate
>>> upgrade section has been updated. You may refer the following for
>>> systemvmtemplate upgrade testing:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>
>>> 4.11 systemvmtemplates are available from here:
>>> https://download.cloudstack.org/systemvm/4.11/
>>>
>>> Regards,
>>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Nux! <nu...@li.nux.ro>.
Rohit,
I'll also have to insist with the VM HA issue.
https://issues.apache.org/jira/browse/CLOUDSTACK-10246
Lucian
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Rohit Yadav" <ro...@shapeblue.com>
> To: "dev" <de...@cloudstack.apache.org>, "users" <us...@cloudstack.apache.org>
> Sent: Tuesday, 23 January, 2018 14:28:34
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> All,
>
>
> Given we've outstanding blockers and PRs in review/testing, I'll cut RC2 only
> after we manage to get them reviewed, tested and merged.
>
>
> The outstanding PRs considered for RC2 are:
>
> https://github.com/apache/cloudstack/pull/2418 (Properly parse rules for
> security groups)
>
> https://github.com/apache/cloudstack/pull/2419 (Password server issue)
>
>
> In addition we've following issues to receive fixes:
>
> - VR - DHCP/dnsmasq leases issue (reported by Ozhan)
>
> - Dynamic roles upgrade fixes:
> https://issues.apache.org/jira/browse/CLOUDSTACK-10249
>
>
> Please share any other issues you've found, or I've missed. Thanks, and continue
> testing RC1.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Rohit Yadav <ro...@shapeblue.com>
> Sent: Monday, January 22, 2018 11:18:27 AM
> To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> The same issue applies to any 4.9, 4.10 release. In case of 4.9, we had
> discussed this as a doc bug and so it must be documented part of the 4.11
> release notes as well.
>
>
> There are two ways admin can migrate to dynamic roles post-upgrade:
>
>
> 1. Enable dynamic.apichecker.enabled to true which will use the default api
> mapping of rules from 4.8 commands.properties and automatic annotation based
> and (db-backed) dynamic rules from 4.9+. Or,
>
> 2. The migration script is only useful where admins were not using the default
> api rule mappings and they strictly want to check/migrate each API. This
> approach requires admins to go through new APIs and fix commands.properties
> before running the migration scriopt (we've been sharing the new/change API
> list in release notes, for example:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands).
> (for reference, doc:
> http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/latest/accounts.html#using-dynamic-roles)
>
>
> Unlike the dynamic API checker, the static checker does not even allow the root
> API to access all the APIs which is why post upgrade, if the UI calls any API
> that is not allowed for the root admin (in this case the quotaIsEnabled API)
> the UI will logout the user on API unauthorized failure which is what happened.
>
>
> So, we can discuss two fixes:
>
> - Like dynamic checker, let the static checker allow all APIs only to the root
> admin (id=1) (I would not prefer to change the legacy behaviour though)
>
> - During upgrade, if commands.properties is missing we set the global setting to
> true, i.e. switch to dynamic roles (which would happen if someone tries to
> upgrade from 4.5->4.11 using a new mgmt server if they fail to copy the
> commands.properties file from /usr/share or /etc paths).
>
>
> Thoughts?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> From: Paul Angus
> Sent: Monday, January 22, 2018 9:24:25 AM
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
> Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> If I've understood the issue correctly, "not being able to log in if upgrading
> from 4.5" is a blocker in my book. I don't think that it should be the duty
> of the Admin, to fix our oversights. Migration to the use of dynamic roles is
> also broken as the command will be missing from commands.properties in the
> first place, so the 'migrated' commands will not be complete.
>
> As there will need to be an RC2, IMO this upgrade issue should be fixed as part
> of it.
>
>
>
> Kind regards,
>
> Paul Angus
>
>
> VP Technology
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
> -----Original Message-----
> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> Sent: 22 January 2018 07:31
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan
> Hoogland <da...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
> Migration script considers only what’s in the command.properties file, so if the
> ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As
> Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m
> also not big fan of having this described in release notes, but would like to
> be included automatically during upgrade. Main argument against it, its not a
> blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>
>> OK, just to confirm ‘we’ the community have basically deprecated the use of
>> commands.properties?
>>
>> But for people upgrading from a version before dynamic roles, does the
>> migration script take into account (or need to take into account) the ‘missing’
>> quotaIsEnabled=15 parameter?
>>
>>
>>
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Rohit Yadav
>> Sent: 19 January 2018 09:27
>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus
>> <pa...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>
>> Hi Bobby,
>>
>>
>>
>> Agree, it's not user-friendly which is why admins should migrate to the dynamic
>> roles feature. But I'm not sure if this is a blocker and if an admin wants to
>> stick to the old static (commands.properties) way, they need to manage changes
>> themselves. We may add something to the release notes /cc @Paul
>> Angus<ma...@shapeblue.com>.
>>
>>
>>
>> - Rohit
>>
>>
>>
>> Software Architect
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov
>> <bo...@shapeblue.com>>
>> Sent: Friday, January 19, 2018 2:51:32 PM
>> To: users
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Rohit,
>>
>> That doesn’t sound much user friendly what do you think? Can we look for a way
>> to automate this dependency in the upgrade process?
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 10:50, Rohit Yadav
>>> <ro...@shapeblue.com>> wrote:
>>>
>>> Hi Bobby,
>>>
>>>
>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static
>>> checker with commands.properties work, admins will be required to add/update
>>> new API/ACLs in the commands.properties file.
>>>
>>> Adding the following to commands.properties file and restarting mgmt server
>>> fixes the issue:
>>>
>>> quotaIsEnabled=15
>>>
>>>
>>> Please continue testing, thanks.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov
>>> <bo...@shapeblue.com>>
>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> I think I’ve hit a blocker when upgrading to 4.11
>>>
>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>
>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session
>>> expired immediately.
>>>
>>> Regards,
>>> Boris Stoyanov
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike
>>> <Mi...@netapp.com>>>
>>> wrote:
>>>
>>> Hi everyone,
>>>
>>> For the past couple days, I have been running the KVM managed-storage
>>> regression-test suite against RC1.
>>>
>>> With the exception of one issue (more on this below), all of these tests have
>>> passed.
>>>
>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>
>>> Once I’ve completed running those, I expect to move on to the XenServer-related
>>> managed-storage tests.
>>>
>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I
>>> suspect all of those tests will come back successful.
>>>
>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>
>>> It relates to a new feature whereby you can online migrate the storage of a VM
>>> from NFS or Ceph to managed storage.
>>>
>>> During the code-review process, I made a change per a suggestion and it
>>> introduced an issue with this feature. The solution is just a couple lines of
>>> code and only impacts this one use case. If you are testing this release
>>> candidate and don’t really care about this particular feature, it should not at
>>> all impact your ability to test RC1.
>>>
>>> Thanks!
>>> Mike
>>>
>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav
>>> <ro...@apache.org>>>
>>> wrote:
>>>
>>> Hi All,
>>>
>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>> testing and a vote:
>>>
>>> Git Branch and Commit SH:
>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>
>>> Source release (checksums and signatures are available at the same
>>> location):
>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>
>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>
>>> The vote will be open for 72 hours.
>>>
>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>> "(binding)" with their vote?
>>>
>>> [ ] +1 approve
>>> [ ] +0 no opinion
>>> [ ] -1 disapprove (and reason why)
>>>
>>> Additional information:
>>>
>>> For users' convenience, I've built packages from
>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>
>>> The release notes are still work-in-progress, but the systemvmtemplate
>>> upgrade section has been updated. You may refer the following for
>>> systemvmtemplate upgrade testing:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>
>>> 4.11 systemvmtemplates are available from here:
>>> https://download.cloudstack.org/systemvm/4.11/
>>>
>>> Regards,
>>> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
+1, now since we’ll be having RC2 lets address this as well.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 22 Jan 2018, at 10:24, Paul Angus <pa...@shapeblue.com> wrote:
>
> If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
>
> As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
>
>
>
> Kind regards,
>
> Paul Angus
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> Sent: 22 January 2018 07:31
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
> Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>
>> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>>
>> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>>
>>
>>
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Rohit Yadav
>> Sent: 19 January 2018 09:27
>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>
>> Hi Bobby,
>>
>>
>>
>> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>
>>
>>
>> - Rohit
>>
>>
>>
>> Software Architect
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Friday, January 19, 2018 2:51:32 PM
>> To: users
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Rohit,
>>
>> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>>
>>> Hi Bobby,
>>>
>>>
>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>>
>>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>>
>>> quotaIsEnabled=15
>>>
>>>
>>> Please continue testing, thanks.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov <bo...@shapeblue.com>>
>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> I think I’ve hit a blocker when upgrading to 4.11
>>>
>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>
>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>>
>>> Regards,
>>> Boris Stoyanov
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>>
>>> Hi everyone,
>>>
>>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>>
>>> With the exception of one issue (more on this below), all of these tests have passed.
>>>
>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>
>>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>>
>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>>
>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>
>>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>>
>>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>>
>>> Thanks!
>>> Mike
>>>
>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>>
>>> Hi All,
>>>
>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>> testing and a vote:
>>>
>>> Git Branch and Commit SH:
>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>
>>> Source release (checksums and signatures are available at the same
>>> location):
>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>
>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>
>>> The vote will be open for 72 hours.
>>>
>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>> "(binding)" with their vote?
>>>
>>> [ ] +1 approve
>>> [ ] +0 no opinion
>>> [ ] -1 disapprove (and reason why)
>>>
>>> Additional information:
>>>
>>> For users' convenience, I've built packages from
>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>
>>> The release notes are still work-in-progress, but the systemvmtemplate
>>> upgrade section has been updated. You may refer the following for
>>> systemvmtemplate upgrade testing:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>
>>> 4.11 systemvmtemplates are available from here:
>>> https://download.cloudstack.org/systemvm/4.11/
>>>
>>> Regards,
>>> Rohit Yadav
>>>
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
+1, now since we’ll be having RC2 lets address this as well.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 22 Jan 2018, at 10:24, Paul Angus <pa...@shapeblue.com> wrote:
>
> If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
>
> As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
>
>
>
> Kind regards,
>
> Paul Angus
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> -----Original Message-----
> From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
> Sent: 22 January 2018 07:31
> To: users@cloudstack.apache.org
> Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Paul,
> Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
>> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>>
>> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>>
>> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>>
>>
>>
>>
>> paul.angus@shapeblue.com
>> www.shapeblue.com
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>>
>>
>>
>> From: Rohit Yadav
>> Sent: 19 January 2018 09:27
>> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>>
>> Hi Bobby,
>>
>>
>>
>> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>>
>>
>>
>> - Rohit
>>
>>
>>
>> Software Architect
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>>
>>
>>
>>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Friday, January 19, 2018 2:51:32 PM
>> To: users
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> Hi Rohit,
>>
>> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>>
>> Bobby.
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>>
>>> Hi Bobby,
>>>
>>>
>>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>>
>>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>>
>>> quotaIsEnabled=15
>>>
>>>
>>> Please continue testing, thanks.
>>>
>>>
>>> - Rohit
>>>
>>> <https://cloudstack.apache.org>
>>>
>>>
>>>
>>> ________________________________
>>> From: Boris Stoyanov <bo...@shapeblue.com>>
>>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>>
>>> I think I’ve hit a blocker when upgrading to 4.11
>>>
>>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>>
>>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>>
>>> Regards,
>>> Boris Stoyanov
>>>
>>>
>>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>>
>>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>>> www.shapeblue.com<http://www.shapeblue.com>
>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>> @shapeblue
>>>
>>>
>>>
>>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>>
>>> Hi everyone,
>>>
>>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>>
>>> With the exception of one issue (more on this below), all of these tests have passed.
>>>
>>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>>
>>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>>
>>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>>
>>> Now, with regards to the one issue I found on KVM with managed storage:
>>>
>>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>>
>>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>>
>>> Thanks!
>>> Mike
>>>
>>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>>
>>> Hi All,
>>>
>>> I've created a 4.11.0.0 release, with the following artifacts up for
>>> testing and a vote:
>>>
>>> Git Branch and Commit SH:
>>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>>
>>> Source release (checksums and signatures are available at the same
>>> location):
>>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>>
>>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>>
>>> The vote will be open for 72 hours.
>>>
>>> For sanity in tallying the vote, can PMC members please be sure to indicate
>>> "(binding)" with their vote?
>>>
>>> [ ] +1 approve
>>> [ ] +0 no opinion
>>> [ ] -1 disapprove (and reason why)
>>>
>>> Additional information:
>>>
>>> For users' convenience, I've built packages from
>>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>>
>>> The release notes are still work-in-progress, but the systemvmtemplate
>>> upgrade section has been updated. You may refer the following for
>>> systemvmtemplate upgrade testing:
>>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>>
>>> 4.11 systemvmtemplates are available from here:
>>> https://download.cloudstack.org/systemvm/4.11/
>>>
>>> Regards,
>>> Rohit Yadav
>>>
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
All,
Given we've outstanding blockers and PRs in review/testing, I'll cut RC2 only after we manage to get them reviewed, tested and merged.
The outstanding PRs considered for RC2 are:
https://github.com/apache/cloudstack/pull/2418 (Properly parse rules for security groups)
https://github.com/apache/cloudstack/pull/2419 (Password server issue)
In addition we've following issues to receive fixes:
- VR - DHCP/dnsmasq leases issue (reported by Ozhan)
- Dynamic roles upgrade fixes: https://issues.apache.org/jira/browse/CLOUDSTACK-10249
Please share any other issues you've found, or I've missed. Thanks, and continue testing RC1.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Rohit Yadav <ro...@shapeblue.com>
Sent: Monday, January 22, 2018 11:18:27 AM
To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
The same issue applies to any 4.9, 4.10 release. In case of 4.9, we had discussed this as a doc bug and so it must be documented part of the 4.11 release notes as well.
There are two ways admin can migrate to dynamic roles post-upgrade:
1. Enable dynamic.apichecker.enabled to true which will use the default api mapping of rules from 4.8 commands.properties and automatic annotation based and (db-backed) dynamic rules from 4.9+. Or,
2. The migration script is only useful where admins were not using the default api rule mappings and they strictly want to check/migrate each API. This approach requires admins to go through new APIs and fix commands.properties before running the migration scriopt (we've been sharing the new/change API list in release notes, for example: http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands). (for reference, doc: http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/latest/accounts.html#using-dynamic-roles)
Unlike the dynamic API checker, the static checker does not even allow the root API to access all the APIs which is why post upgrade, if the UI calls any API that is not allowed for the root admin (in this case the quotaIsEnabled API) the UI will logout the user on API unauthorized failure which is what happened.
So, we can discuss two fixes:
- Like dynamic checker, let the static checker allow all APIs only to the root admin (id=1) (I would not prefer to change the legacy behaviour though)
- During upgrade, if commands.properties is missing we set the global setting to true, i.e. switch to dynamic roles (which would happen if someone tries to upgrade from 4.5->4.11 using a new mgmt server if they fail to copy the commands.properties file from /usr/share or /etc paths).
Thoughts?
- Rohit
<https://cloudstack.apache.org>
________________________________
rohit.yadav@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
From: Paul Angus
Sent: Monday, January 22, 2018 9:24:25 AM
To: users@cloudstack.apache.org
Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
Kind regards,
Paul Angus
VP Technology
paul.angus@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
-----Original Message-----
From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
Sent: 22 January 2018 07:31
To: users@cloudstack.apache.org
Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
All,
Given we've outstanding blockers and PRs in review/testing, I'll cut RC2 only after we manage to get them reviewed, tested and merged.
The outstanding PRs considered for RC2 are:
https://github.com/apache/cloudstack/pull/2418 (Properly parse rules for security groups)
https://github.com/apache/cloudstack/pull/2419 (Password server issue)
In addition we've following issues to receive fixes:
- VR - DHCP/dnsmasq leases issue (reported by Ozhan)
- Dynamic roles upgrade fixes: https://issues.apache.org/jira/browse/CLOUDSTACK-10249
Please share any other issues you've found, or I've missed. Thanks, and continue testing RC1.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Rohit Yadav <ro...@shapeblue.com>
Sent: Monday, January 22, 2018 11:18:27 AM
To: Paul Angus; users@cloudstack.apache.org; dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
The same issue applies to any 4.9, 4.10 release. In case of 4.9, we had discussed this as a doc bug and so it must be documented part of the 4.11 release notes as well.
There are two ways admin can migrate to dynamic roles post-upgrade:
1. Enable dynamic.apichecker.enabled to true which will use the default api mapping of rules from 4.8 commands.properties and automatic annotation based and (db-backed) dynamic rules from 4.9+. Or,
2. The migration script is only useful where admins were not using the default api rule mappings and they strictly want to check/migrate each API. This approach requires admins to go through new APIs and fix commands.properties before running the migration scriopt (we've been sharing the new/change API list in release notes, for example: http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands). (for reference, doc: http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/latest/accounts.html#using-dynamic-roles)
Unlike the dynamic API checker, the static checker does not even allow the root API to access all the APIs which is why post upgrade, if the UI calls any API that is not allowed for the root admin (in this case the quotaIsEnabled API) the UI will logout the user on API unauthorized failure which is what happened.
So, we can discuss two fixes:
- Like dynamic checker, let the static checker allow all APIs only to the root admin (id=1) (I would not prefer to change the legacy behaviour though)
- During upgrade, if commands.properties is missing we set the global setting to true, i.e. switch to dynamic roles (which would happen if someone tries to upgrade from 4.5->4.11 using a new mgmt server if they fail to copy the commands.properties file from /usr/share or /etc paths).
Thoughts?
- Rohit
<https://cloudstack.apache.org>
________________________________
rohit.yadav@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
From: Paul Angus
Sent: Monday, January 22, 2018 9:24:25 AM
To: users@cloudstack.apache.org
Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
Kind regards,
Paul Angus
VP Technology
paul.angus@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
-----Original Message-----
From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
Sent: 22 January 2018 07:31
To: users@cloudstack.apache.org
Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
The same issue applies to any 4.9, 4.10 release. In case of 4.9, we had discussed this as a doc bug and so it must be documented part of the 4.11 release notes as well.
There are two ways admin can migrate to dynamic roles post-upgrade:
1. Enable dynamic.apichecker.enabled to true which will use the default api mapping of rules from 4.8 commands.properties and automatic annotation based and (db-backed) dynamic rules from 4.9+. Or,
2. The migration script is only useful where admins were not using the default api rule mappings and they strictly want to check/migrate each API. This approach requires admins to go through new APIs and fix commands.properties before running the migration scriopt (we've been sharing the new/change API list in release notes, for example: http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands). (for reference, doc: http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/latest/accounts.html#using-dynamic-roles)
Unlike the dynamic API checker, the static checker does not even allow the root API to access all the APIs which is why post upgrade, if the UI calls any API that is not allowed for the root admin (in this case the quotaIsEnabled API) the UI will logout the user on API unauthorized failure which is what happened.
So, we can discuss two fixes:
- Like dynamic checker, let the static checker allow all APIs only to the root admin (id=1) (I would not prefer to change the legacy behaviour though)
- During upgrade, if commands.properties is missing we set the global setting to true, i.e. switch to dynamic roles (which would happen if someone tries to upgrade from 4.5->4.11 using a new mgmt server if they fail to copy the commands.properties file from /usr/share or /etc paths).
Thoughts?
- Rohit
<https://cloudstack.apache.org>
________________________________
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
From: Paul Angus
Sent: Monday, January 22, 2018 9:24:25 AM
To: users@cloudstack.apache.org
Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
Kind regards,
Paul Angus
VP Technology
paul.angus@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
-----Original Message-----
From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
Sent: 22 January 2018 07:31
To: users@cloudstack.apache.org
Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
The same issue applies to any 4.9, 4.10 release. In case of 4.9, we had discussed this as a doc bug and so it must be documented part of the 4.11 release notes as well.
There are two ways admin can migrate to dynamic roles post-upgrade:
1. Enable dynamic.apichecker.enabled to true which will use the default api mapping of rules from 4.8 commands.properties and automatic annotation based and (db-backed) dynamic rules from 4.9+. Or,
2. The migration script is only useful where admins were not using the default api rule mappings and they strictly want to check/migrate each API. This approach requires admins to go through new APIs and fix commands.properties before running the migration scriopt (we've been sharing the new/change API list in release notes, for example: http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.9.3.0/api-changes.html#new-api-commands). (for reference, doc: http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/latest/accounts.html#using-dynamic-roles)
Unlike the dynamic API checker, the static checker does not even allow the root API to access all the APIs which is why post upgrade, if the UI calls any API that is not allowed for the root admin (in this case the quotaIsEnabled API) the UI will logout the user on API unauthorized failure which is what happened.
So, we can discuss two fixes:
- Like dynamic checker, let the static checker allow all APIs only to the root admin (id=1) (I would not prefer to change the legacy behaviour though)
- During upgrade, if commands.properties is missing we set the global setting to true, i.e. switch to dynamic roles (which would happen if someone tries to upgrade from 4.5->4.11 using a new mgmt server if they fail to copy the commands.properties file from /usr/share or /etc paths).
Thoughts?
- Rohit
<https://cloudstack.apache.org>
________________________________
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
From: Paul Angus
Sent: Monday, January 22, 2018 9:24:25 AM
To: users@cloudstack.apache.org
Cc: Rohit Yadav; dev@cloudstack.apache.org; Daan Hoogland
Subject: RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
Kind regards,
Paul Angus
VP Technology
paul.angus@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
-----Original Message-----
From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
Sent: 22 January 2018 07:31
To: users@cloudstack.apache.org
Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
Kind regards,
Paul Angus
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-----Original Message-----
From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
Sent: 22 January 2018 07:31
To: users@cloudstack.apache.org
Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
If I've understood the issue correctly, "not being able to log in if upgrading from 4.5" is a blocker in my book. I don't think that it should be the duty of the Admin, to fix our oversights. Migration to the use of dynamic roles is also broken as the command will be missing from commands.properties in the first place, so the 'migrated' commands will not be complete.
As there will need to be an RC2, IMO this upgrade issue should be fixed as part of it.
Kind regards,
Paul Angus
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
-----Original Message-----
From: Boris Stoyanov [mailto:boris.stoyanov@shapeblue.com]
Sent: 22 January 2018 07:31
To: users@cloudstack.apache.org
Cc: Rohit Yadav <ro...@shapeblue.com>; dev@cloudstack.apache.org; Daan Hoogland <da...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
Hi Paul,
Migration script considers only what’s in the command.properties file, so if the ‘missing’ quotaIsEnabled=15 is not there it will not create a rule for it. As Rohit mentioned it’s a duty of the admin to take care of aligning this up. I’m also not big fan of having this described in release notes, but would like to be included automatically during upgrade. Main argument against it, its not a blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 19:04, Paul Angus <pa...@shapeblue.com> wrote:
>
> OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
>
> But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
>
>
>
>
> paul.angus@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> From: Rohit Yadav
> Sent: 19 January 2018 09:27
> To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
>
> Hi Bobby,
>
>
>
> Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
>
>
>
> - Rohit
>
>
>
> Software Architect
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
>
>
>
>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Friday, January 19, 2018 2:51:32 PM
> To: users
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Hi Rohit,
>
> That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>>
>> Hi Bobby,
>>
>>
>> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>>
>> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>>
>> quotaIsEnabled=15
>>
>>
>> Please continue testing, thanks.
>>
>>
>> - Rohit
>>
>> <https://cloudstack.apache.org>
>>
>>
>>
>> ________________________________
>> From: Boris Stoyanov <bo...@shapeblue.com>>
>> Sent: Wednesday, January 17, 2018 6:54:28 PM
>> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
>> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>>
>> I think I’ve hit a blocker when upgrading to 4.11
>>
>> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>>
>> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>>
>> Regards,
>> Boris Stoyanov
>>
>>
>> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>>
>> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
>> www.shapeblue.com<http://www.shapeblue.com>
>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>> @shapeblue
>>
>>
>>
>> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>>
>> Hi everyone,
>>
>> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>>
>> With the exception of one issue (more on this below), all of these tests have passed.
>>
>> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>>
>> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>>
>> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>>
>> Now, with regards to the one issue I found on KVM with managed storage:
>>
>> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>>
>> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>>
>> Thanks!
>> Mike
>>
>> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
From: Rohit Yadav
Sent: 19 January 2018 09:27
To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
Software Architect
rohit.yadav@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>
> Hi Bobby,
>
>
> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>
> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>
> quotaIsEnabled=15
>
>
> Please continue testing, thanks.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Wednesday, January 17, 2018 6:54:28 PM
> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> I think I’ve hit a blocker when upgrading to 4.11
>
> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>
> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>
> Regards,
> Boris Stoyanov
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>
> Hi everyone,
>
> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>
> With the exception of one issue (more on this below), all of these tests have passed.
>
> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>
> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>
> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>
> Now, with regards to the one issue I found on KVM with managed storage:
>
> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>
> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>
> Thanks!
> Mike
>
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
All,
We don't have any outstanding blocker as of today (please report if I've missed any), for some of the issues I've request for workaround/fixes to be shared that should make into the next RC.
Based on your feedback, the voting/testing, and release-related bugfixing is extended till end of Monday. If we don't have any blockers and not waiting of blocker fixes, by end of Tuesday, I'll start RC2. Till then, please continue testing RC1.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>
Sent: Friday, January 19, 2018 3:08:05 PM
To: dev@cloudstack.apache.org
Cc: users; Paul Angus
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Thanks Rohit,
That said I must agree it’s not a blocker but still it definitely should be part of upgrade guide.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 11:27, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
<https://cloudstack.apache.org<https://cloudstack.apache.org/>>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
Adding the following to commands.properties file and restarting mgmt server fixes the issue:
quotaIsEnabled=15
Please continue testing, thanks.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Wednesday, January 17, 2018 6:54:28 PM
To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
All,
We don't have any outstanding blocker as of today (please report if I've missed any), for some of the issues I've request for workaround/fixes to be shared that should make into the next RC.
Based on your feedback, the voting/testing, and release-related bugfixing is extended till end of Monday. If we don't have any blockers and not waiting of blocker fixes, by end of Tuesday, I'll start RC2. Till then, please continue testing RC1.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>
Sent: Friday, January 19, 2018 3:08:05 PM
To: dev@cloudstack.apache.org
Cc: users; Paul Angus
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Thanks Rohit,
That said I must agree it’s not a blocker but still it definitely should be part of upgrade guide.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 11:27, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
<https://cloudstack.apache.org<https://cloudstack.apache.org/>>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
Adding the following to commands.properties file and restarting mgmt server fixes the issue:
quotaIsEnabled=15
Please continue testing, thanks.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Wednesday, January 17, 2018 6:54:28 PM
To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
Thanks Rohit,
That said I must agree it’s not a blocker but still it definitely should be part of upgrade guide.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 11:27, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
<https://cloudstack.apache.org<https://cloudstack.apache.org/>>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
Adding the following to commands.properties file and restarting mgmt server fixes the issue:
quotaIsEnabled=15
Please continue testing, thanks.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Wednesday, January 17, 2018 6:54:28 PM
To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
RE: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Paul Angus <pa...@shapeblue.com>.
OK, just to confirm ‘we’ the community have basically deprecated the use of commands.properties?
But for people upgrading from a version before dynamic roles, does the migration script take into account (or need to take into account) the ‘missing’ quotaIsEnabled=15 parameter?
paul.angus@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
From: Rohit Yadav
Sent: 19 January 2018 09:27
To: users <us...@cloudstack.apache.org>; dev@cloudstack.apache.org; Paul Angus <pa...@shapeblue.com>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
Software Architect
rohit.yadav@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
>
> Hi Bobby,
>
>
> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>
> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>
> quotaIsEnabled=15
>
>
> Please continue testing, thanks.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>>
> Sent: Wednesday, January 17, 2018 6:54:28 PM
> To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> I think I’ve hit a blocker when upgrading to 4.11
>
> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>
> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>
> Regards,
> Boris Stoyanov
>
>
> boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>>> wrote:
>
> Hi everyone,
>
> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>
> With the exception of one issue (more on this below), all of these tests have passed.
>
> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>
> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>
> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>
> Now, with regards to the one issue I found on KVM with managed storage:
>
> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>
> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>
> Thanks!
> Mike
>
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>>> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
Thanks Rohit,
That said I must agree it’s not a blocker but still it definitely should be part of upgrade guide.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 11:27, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
<https://cloudstack.apache.org<https://cloudstack.apache.org/>>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com>> wrote:
Hi Bobby,
I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
Adding the following to commands.properties file and restarting mgmt server fixes the issue:
quotaIsEnabled=15
Please continue testing, thanks.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>>
Sent: Wednesday, January 17, 2018 6:54:28 PM
To: users@cloudstack.apache.org<ma...@cloudstack.apache.org>
Cc: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Hi Bobby,
>
>
> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>
> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>
> quotaIsEnabled=15
>
>
> Please continue testing, thanks.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>
> Sent: Wednesday, January 17, 2018 6:54:28 PM
> To: users@cloudstack.apache.org
> Cc: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> I think I’ve hit a blocker when upgrading to 4.11
>
> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>
> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>
> Regards,
> Boris Stoyanov
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
>
> Hi everyone,
>
> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>
> With the exception of one issue (more on this below), all of these tests have passed.
>
> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>
> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>
> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>
> Now, with regards to the one issue I found on KVM with managed storage:
>
> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>
> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>
> Thanks!
> Mike
>
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Hi Bobby,
Agree, it's not user-friendly which is why admins should migrate to the dynamic roles feature. But I'm not sure if this is a blocker and if an admin wants to stick to the old static (commands.properties) way, they need to manage changes themselves. We may add something to the release notes /cc @Paul Angus<ma...@shapeblue.com>.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>
Sent: Friday, January 19, 2018 2:51:32 PM
To: users
Cc: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Hi Bobby,
>
>
> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>
> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>
> quotaIsEnabled=15
>
>
> Please continue testing, thanks.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>
> Sent: Wednesday, January 17, 2018 6:54:28 PM
> To: users@cloudstack.apache.org
> Cc: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> I think I’ve hit a blocker when upgrading to 4.11
>
> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>
> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>
> Regards,
> Boris Stoyanov
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
>
> Hi everyone,
>
> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>
> With the exception of one issue (more on this below), all of these tests have passed.
>
> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>
> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>
> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>
> Now, with regards to the one issue I found on KVM with managed storage:
>
> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>
> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>
> Thanks!
> Mike
>
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Hi Bobby,
>
>
> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>
> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>
> quotaIsEnabled=15
>
>
> Please continue testing, thanks.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>
> Sent: Wednesday, January 17, 2018 6:54:28 PM
> To: users@cloudstack.apache.org
> Cc: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> I think I’ve hit a blocker when upgrading to 4.11
>
> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>
> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>
> Regards,
> Boris Stoyanov
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
>
> Hi everyone,
>
> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>
> With the exception of one issue (more on this below), all of these tests have passed.
>
> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>
> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>
> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>
> Now, with regards to the one issue I found on KVM with managed storage:
>
> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>
> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>
> Thanks!
> Mike
>
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
Hi Rohit,
That doesn’t sound much user friendly what do you think? Can we look for a way to automate this dependency in the upgrade process?
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On 19 Jan 2018, at 10:50, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Hi Bobby,
>
>
> I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
>
> Adding the following to commands.properties file and restarting mgmt server fixes the issue:
>
> quotaIsEnabled=15
>
>
> Please continue testing, thanks.
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Boris Stoyanov <bo...@shapeblue.com>
> Sent: Wednesday, January 17, 2018 6:54:28 PM
> To: users@cloudstack.apache.org
> Cc: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> I think I’ve hit a blocker when upgrading to 4.11
>
> Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
>
> I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
>
> Regards,
> Boris Stoyanov
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
>
> Hi everyone,
>
> For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
>
> With the exception of one issue (more on this below), all of these tests have passed.
>
> Tomorrow I plan to start in on the VMware-related managed-storage tests.
>
> Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
>
> I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
>
> Now, with regards to the one issue I found on KVM with managed storage:
>
> It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
>
> During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
>
> Thanks!
> Mike
>
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Hi Bobby,
I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
Adding the following to commands.properties file and restarting mgmt server fixes the issue:
quotaIsEnabled=15
Please continue testing, thanks.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>
Sent: Wednesday, January 17, 2018 6:54:28 PM
To: users@cloudstack.apache.org
Cc: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Hi Bobby,
I checked the 4.5-4.11 upgrade environment, due to the nature of how static checker with commands.properties work, admins will be required to add/update new API/ACLs in the commands.properties file.
Adding the following to commands.properties file and restarting mgmt server fixes the issue:
quotaIsEnabled=15
Please continue testing, thanks.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Boris Stoyanov <bo...@shapeblue.com>
Sent: Wednesday, January 17, 2018 6:54:28 PM
To: users@cloudstack.apache.org
Cc: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
I think I’ve hit a blocker when upgrading to 4.11
Here’s the jira id: https://issues.apache.org/jira/browse/CLOUDSTACK-10236
I’ve upgraded from 4.5 to 4.11, then I’ve logged in with admin and got session expired immediately.
Regards,
Boris Stoyanov
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 8:42, Tutkowski, Mike <Mi...@netapp.com>> wrote:
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org>> wrote:
Hi All,
I've created a 4.11.0.0 release, with the following artifacts up for
testing and a vote:
Git Branch and Commit SH:
https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
Source release (checksums and signatures are available at the same
location):
https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
https://dist.apache.org/repos/dist/release/cloudstack/KEYS
The vote will be open for 72 hours.
For sanity in tallying the vote, can PMC members please be sure to indicate
"(binding)" with their vote?
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Additional information:
For users' convenience, I've built packages from
1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
http://cloudstack.apt-get.eu/testing/4.11-rc1
The release notes are still work-in-progress, but the systemvmtemplate
upgrade section has been updated. You may refer the following for
systemvmtemplate upgrade testing:
http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
4.11 systemvmtemplates are available from here:
https://download.cloudstack.org/systemvm/4.11/
Regards,
Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
Hi everyone,
For the past couple days, I have been running the KVM managed-storage regression-test suite against RC1.
With the exception of one issue (more on this below), all of these tests have passed.
Tomorrow I plan to start in on the VMware-related managed-storage tests.
Once I’ve completed running those, I expect to move on to the XenServer-related managed-storage tests.
I ran these XenServer and VMware tests just prior to RC1 being created, so I suspect all of those tests will come back successful.
Now, with regards to the one issue I found on KVM with managed storage:
It relates to a new feature whereby you can online migrate the storage of a VM from NFS or Ceph to managed storage.
During the code-review process, I made a change per a suggestion and it introduced an issue with this feature. The solution is just a couple lines of code and only impacts this one use case. If you are testing this release candidate and don’t really care about this particular feature, it should not at all impact your ability to test RC1.
Thanks!
Mike
> On Jan 15, 2018, at 4:33 AM, Rohit Yadav <ro...@apache.org> wrote:
>
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Wido den Hollander <wi...@widodh.nl>.
On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
>
> Is that a good idea?
Yes please :-) I won't be able to test before that window.
Wido
> On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
>
> 4.11.0 looks like an awesome reason ! Special thanks to Rohit !
>
> I vote +0
>
> - I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
>
> - And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
> (Nuage-internal fix)
>
> thanks
>
> Kris
>
> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
> [2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
>
>
>
> daan.hoogland@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
>
> > Hi All,
> >
> > I've created a 4.11.0.0 release, with the following artifacts up for
> > testing and a vote:
> >
> > Git Branch and Commit SH:
> > https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
> > shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> > Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
> >
> > Source release (checksums and signatures are available at the same
> > location):
> > https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
> >
> > PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> > https://dist.apache.org/repos/dist/release/cloudstack/KEYS
> >
> > The vote will be open for 72 hours.
> >
> > For sanity in tallying the vote, can PMC members please be sure to indicate
> > "(binding)" with their vote?
> >
> > [ ] +1 approve
> > [ ] +0 no opinion
> > [ ] -1 disapprove (and reason why)
> >
> > Additional information:
> >
> > For users' convenience, I've built packages from
> > 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
> > here:
> > http://cloudstack.apt-get.eu/testing/4.11-rc1
> >
> > The release notes are still work-in-progress, but the systemvmtemplate
> > upgrade section has been updated. You may refer the following for
> > systemvmtemplate upgrade testing:
> > http://docs.cloudstack.apache.org/projects/cloudstack-
> > release-notes/en/latest/index.html
> >
> > 4.11 systemvmtemplates are available from here:
> > https://download.cloudstack.org/systemvm/4.11/
> >
> > Regards,
> > Rohit Yadav
> >
>
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Hi Mike,
Thanks, we've reviewed, tested and merged the PR. It should make into RC2, which I'm hoping to cut by EOD Tuesday (23 Jan).
Let's continue testing RC1 for other potential blockers.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Tutkowski, Mike <Mi...@netapp.com>
Sent: Sunday, January 21, 2018 4:29:21 AM
To: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Hi everyone,
I’ve completed running the automated (and, in some cases, manual) tests for managed storage against RC1. With the exception of one critical issue, all of the tests for all tested hypervisors (XenServer, VMware, and KVM) passed.
With regards to the critical issue, I have opened a PR for RC2:
https://github.com/apache/cloudstack/pull/2416
This comment lists the tests I performed while running RC1 + PR 2416:
https://github.com/apache/cloudstack/pull/2416#issuecomment-359220967
Thanks,
Mike
On 1/19/18, 3:59 PM, "Tutkowski, Mike" <Mi...@netapp.com> wrote:
Hi Rohit,
I have opened the following PR for 4.11 RC2:
https://github.com/apache/cloudstack/pull/2415
Also, I have completed running all the tests for managed storage for KVM and VMware. With the exception of the PR I opened, all tests passed.
This weekend I plan to re-run the XenServer managed-storage tests. I had run them just prior to you creating RC1, so I expect they will all pass.
Thanks!
Mike
On 1/19/18, 6:56 AM, "Tutkowski, Mike" <Mi...@netapp.com> wrote:
Yes, but only one (for KVM) and it is trivial to fix. I’ll open a PR.
Also, I’m almost done testing managed storage with VMware and all has gone well with that hypervisor.
I’ll run the tests for managed storage with XenServer over the weekend. I suspect they will all pass just fine.
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
> On Jan 19, 2018, at 1:55 AM, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Thanks Mike - do you see any blockers wrt to 4.11.0.0-rc1?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Tutkowski, Mike <Mi...@netapp.com>
> Sent: Wednesday, January 17, 2018 8:09:50 PM
> To: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Yes: I definitely won’t be able to complete my regression tests within the 72-hour window. For 4.12, I plan to automate the remainder of my tests, but I’m not quite there with 4.11 (the vast majority of managed-storage tests are automated, but not yet all).
>
> On 1/17/18, 7:34 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
>
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
>
> Is that a good idea?
>
> On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
>
> 4.11.0 looks like an awesome reason ! Special thanks to Rohit !
>
> I vote +0
>
> - I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
>
> - And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
> (Nuage-internal fix)
>
> thanks
>
> Kris
>
> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
> [2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
>
>
>
> daan.hoogland@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
>> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
>> here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-
>> release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
>
>
>
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
Hi everyone,
I’ve completed running the automated (and, in some cases, manual) tests for managed storage against RC1. With the exception of one critical issue, all of the tests for all tested hypervisors (XenServer, VMware, and KVM) passed.
With regards to the critical issue, I have opened a PR for RC2:
https://github.com/apache/cloudstack/pull/2416
This comment lists the tests I performed while running RC1 + PR 2416:
https://github.com/apache/cloudstack/pull/2416#issuecomment-359220967
Thanks,
Mike
On 1/19/18, 3:59 PM, "Tutkowski, Mike" <Mi...@netapp.com> wrote:
Hi Rohit,
I have opened the following PR for 4.11 RC2:
https://github.com/apache/cloudstack/pull/2415
Also, I have completed running all the tests for managed storage for KVM and VMware. With the exception of the PR I opened, all tests passed.
This weekend I plan to re-run the XenServer managed-storage tests. I had run them just prior to you creating RC1, so I expect they will all pass.
Thanks!
Mike
On 1/19/18, 6:56 AM, "Tutkowski, Mike" <Mi...@netapp.com> wrote:
Yes, but only one (for KVM) and it is trivial to fix. I’ll open a PR.
Also, I’m almost done testing managed storage with VMware and all has gone well with that hypervisor.
I’ll run the tests for managed storage with XenServer over the weekend. I suspect they will all pass just fine.
> On Jan 19, 2018, at 1:55 AM, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Thanks Mike - do you see any blockers wrt to 4.11.0.0-rc1?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Tutkowski, Mike <Mi...@netapp.com>
> Sent: Wednesday, January 17, 2018 8:09:50 PM
> To: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Yes: I definitely won’t be able to complete my regression tests within the 72-hour window. For 4.12, I plan to automate the remainder of my tests, but I’m not quite there with 4.11 (the vast majority of managed-storage tests are automated, but not yet all).
>
> On 1/17/18, 7:34 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
>
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
>
> Is that a good idea?
>
> On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
>
> 4.11.0 looks like an awesome reason ! Special thanks to Rohit !
>
> I vote +0
>
> - I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
>
> - And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
> (Nuage-internal fix)
>
> thanks
>
> Kris
>
> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
> [2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
>
>
>
> daan.hoogland@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
>> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
>> here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-
>> release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
>
>
>
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
Hi Rohit,
I have opened the following PR for 4.11 RC2:
https://github.com/apache/cloudstack/pull/2415
Also, I have completed running all the tests for managed storage for KVM and VMware. With the exception of the PR I opened, all tests passed.
This weekend I plan to re-run the XenServer managed-storage tests. I had run them just prior to you creating RC1, so I expect they will all pass.
Thanks!
Mike
On 1/19/18, 6:56 AM, "Tutkowski, Mike" <Mi...@netapp.com> wrote:
Yes, but only one (for KVM) and it is trivial to fix. I’ll open a PR.
Also, I’m almost done testing managed storage with VMware and all has gone well with that hypervisor.
I’ll run the tests for managed storage with XenServer over the weekend. I suspect they will all pass just fine.
> On Jan 19, 2018, at 1:55 AM, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Thanks Mike - do you see any blockers wrt to 4.11.0.0-rc1?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Tutkowski, Mike <Mi...@netapp.com>
> Sent: Wednesday, January 17, 2018 8:09:50 PM
> To: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Yes: I definitely won’t be able to complete my regression tests within the 72-hour window. For 4.12, I plan to automate the remainder of my tests, but I’m not quite there with 4.11 (the vast majority of managed-storage tests are automated, but not yet all).
>
> On 1/17/18, 7:34 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
>
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
>
> Is that a good idea?
>
> On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
>
> 4.11.0 looks like an awesome reason ! Special thanks to Rohit !
>
> I vote +0
>
> - I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
>
> - And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
> (Nuage-internal fix)
>
> thanks
>
> Kris
>
> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
> [2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
>
>
>
> daan.hoogland@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
>> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
>> here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-
>> release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
>
>
>
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
Yes, but only one (for KVM) and it is trivial to fix. I’ll open a PR.
Also, I’m almost done testing managed storage with VMware and all has gone well with that hypervisor.
I’ll run the tests for managed storage with XenServer over the weekend. I suspect they will all pass just fine.
> On Jan 19, 2018, at 1:55 AM, Rohit Yadav <ro...@shapeblue.com> wrote:
>
> Thanks Mike - do you see any blockers wrt to 4.11.0.0-rc1?
>
>
> - Rohit
>
> <https://cloudstack.apache.org>
>
>
>
> ________________________________
> From: Tutkowski, Mike <Mi...@netapp.com>
> Sent: Wednesday, January 17, 2018 8:09:50 PM
> To: dev@cloudstack.apache.org
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Yes: I definitely won’t be able to complete my regression tests within the 72-hour window. For 4.12, I plan to automate the remainder of my tests, but I’m not quite there with 4.11 (the vast majority of managed-storage tests are automated, but not yet all).
>
> On 1/17/18, 7:34 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
>
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
>
> Is that a good idea?
>
> On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
>
> 4.11.0 looks like an awesome reason ! Special thanks to Rohit !
>
> I vote +0
>
> - I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
>
> - And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
> (Nuage-internal fix)
>
> thanks
>
> Kris
>
> [1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
> [2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
>
>
>
> daan.hoogland@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
> rohit.yadav@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>> On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
>>
>> Hi All,
>>
>> I've created a 4.11.0.0 release, with the following artifacts up for
>> testing and a vote:
>>
>> Git Branch and Commit SH:
>> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
>> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
>> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>>
>> Source release (checksums and signatures are available at the same
>> location):
>> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>>
>> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
>> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>>
>> The vote will be open for 72 hours.
>>
>> For sanity in tallying the vote, can PMC members please be sure to indicate
>> "(binding)" with their vote?
>>
>> [ ] +1 approve
>> [ ] +0 no opinion
>> [ ] -1 disapprove (and reason why)
>>
>> Additional information:
>>
>> For users' convenience, I've built packages from
>> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
>> here:
>> http://cloudstack.apt-get.eu/testing/4.11-rc1
>>
>> The release notes are still work-in-progress, but the systemvmtemplate
>> upgrade section has been updated. You may refer the following for
>> systemvmtemplate upgrade testing:
>> http://docs.cloudstack.apache.org/projects/cloudstack-
>> release-notes/en/latest/index.html
>>
>> 4.11 systemvmtemplates are available from here:
>> https://download.cloudstack.org/systemvm/4.11/
>>
>> Regards,
>> Rohit Yadav
>>
>
>
>
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Thanks Mike - do you see any blockers wrt to 4.11.0.0-rc1?
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Tutkowski, Mike <Mi...@netapp.com>
Sent: Wednesday, January 17, 2018 8:09:50 PM
To: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Yes: I definitely won’t be able to complete my regression tests within the 72-hour window. For 4.12, I plan to automate the remainder of my tests, but I’m not quite there with 4.11 (the vast majority of managed-storage tests are automated, but not yet all).
On 1/17/18, 7:34 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
People, People,
a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
Is that a good idea?
On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
4.11.0 looks like an awesome reason ! Special thanks to Rohit !
I vote +0
- I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
- And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
(Nuage-internal fix)
thanks
Kris
[1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
[2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
daan.hoogland@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
> here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-
> release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
Yes: I definitely won’t be able to complete my regression tests within the 72-hour window. For 4.12, I plan to automate the remainder of my tests, but I’m not quite there with 4.11 (the vast majority of managed-storage tests are automated, but not yet all).
On 1/17/18, 7:34 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
People, People,
a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
Is that a good idea?
On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
4.11.0 looks like an awesome reason ! Special thanks to Rohit !
I vote +0
- I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
- And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
(Nuage-internal fix)
thanks
Kris
[1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
[2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
daan.hoogland@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
> here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-
> release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Simon Weller <sw...@ena.com.INVALID>.
All,
We're currently working on getting 4.11 stood up on hardware for testing. An extension would certainly be helpful to us.
________________________________
From: Nux! <nu...@li.nux.ro>
Sent: Wednesday, January 17, 2018 1:07 PM
To: dev
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
The extension is welcome!
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Boris Stoyanov" <bo...@shapeblue.com>
> To: "dev" <de...@cloudstack.apache.org>
> Sent: Wednesday, 17 January, 2018 18:24:20
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Yes Rohit, tried other browser and I’m not able to login..
>
> I’m +1 on the extend but unfortunately -1 cause of this blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com<http://www.shapeblue.com>
[http://www.shapeblue.com/wp-content/uploads/2017/06/logo.png]<http://www.shapeblue.com/>
Shapeblue - The CloudStack Company<http://www.shapeblue.com/>
www.shapeblue.com
Rapid deployment framework for Apache CloudStack IaaS Clouds. CSForge is a framework developed by ShapeBlue to deliver the rapid deployment of a standardised ...
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 18:24, Rohit Yadav
> <ro...@shapeblue.com>> wrote:
>
> The 72hrs window is more of a guideline than a rule, without lazy consensus I
> don't think we've any choice here, so Monday it is.
>
> Kris - thanks, if we need RC2 and your proposed issues are blocker/critical we
> can consider them so meanwhile engage with community to get them reviewed.
>
> Bobby - can you attempt login in incognito mode or in a different browser after
> upgrading to 4.11 from 4.5, rule out caching issue?
>
> Regards.
>
> Get Outlook for Android<https://aka.ms/ghei36>
>
> ________________________________
> From: Tutkowski, Mike
> <Mi...@netapp.com>>
> Sent: Wednesday, January 17, 2018 8:48:28 PM
> To: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Or perhaps just the first RC should have a longer window?
>
> On 1/17/18, 8:12 AM, "Tutkowski, Mike"
> <Mi...@netapp.com>> wrote:
>
> If all of our testing were completely in an automated fashion, then I would
> agree that the 72-hour window is sufficient. However, we don’t have that kind
> of automated coverage and people aren’t always able to immediately begin
> testing things out like migrating from their version of CloudStack to the new
> one. That being the case, 72 hours does seem (at least for where we are now as
> a project in terms of automated testing coverage) a bit short.
>
> On 1/17/18, 7:52 AM, "Daan Hoogland"
> <da...@shapeblue.com>> wrote:
>
> The 72 hours is to make sure all stakeholders had a chance to glance. Testing is
> supposed to have happened before. We have a culture of testing only after
> RC-cut which is part of the problem. The long duration of a single test run
> takes, is another part. And finally, in this case there is the new mindblow
> called meltdown. I think in general we should try to keep the 72 hours but for
> this release it is not realistic.
>
> On 17/01/2018, 15:48, "Rene Moser"
> <ma...@renemoser.net>> wrote:
>
> On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about
> the 72 hours that we have for our voting, I propose to extend the vote period
> until at least Monday.
>
> +1
>
> I wonder where this 72 hours windows come from... Is it just be or,
> based on the amount of changes and "things" to test, I would like to
> expect a window in the size of 7-14 days ...?
>
> René
>
>
>
> daan.hoogland@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
>
>
>
>
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com/>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Nux! <nu...@li.nux.ro>.
The extension is welcome!
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
----- Original Message -----
> From: "Boris Stoyanov" <bo...@shapeblue.com>
> To: "dev" <de...@cloudstack.apache.org>
> Sent: Wednesday, 17 January, 2018 18:24:20
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
> Yes Rohit, tried other browser and I’m not able to login..
>
> I’m +1 on the extend but unfortunately -1 cause of this blocker.
>
> Bobby.
>
>
> boris.stoyanov@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
> On 17 Jan 2018, at 18:24, Rohit Yadav
> <ro...@shapeblue.com>> wrote:
>
> The 72hrs window is more of a guideline than a rule, without lazy consensus I
> don't think we've any choice here, so Monday it is.
>
> Kris - thanks, if we need RC2 and your proposed issues are blocker/critical we
> can consider them so meanwhile engage with community to get them reviewed.
>
> Bobby - can you attempt login in incognito mode or in a different browser after
> upgrading to 4.11 from 4.5, rule out caching issue?
>
> Regards.
>
> Get Outlook for Android<https://aka.ms/ghei36>
>
> ________________________________
> From: Tutkowski, Mike
> <Mi...@netapp.com>>
> Sent: Wednesday, January 17, 2018 8:48:28 PM
> To: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
> Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
>
> Or perhaps just the first RC should have a longer window?
>
> On 1/17/18, 8:12 AM, "Tutkowski, Mike"
> <Mi...@netapp.com>> wrote:
>
> If all of our testing were completely in an automated fashion, then I would
> agree that the 72-hour window is sufficient. However, we don’t have that kind
> of automated coverage and people aren’t always able to immediately begin
> testing things out like migrating from their version of CloudStack to the new
> one. That being the case, 72 hours does seem (at least for where we are now as
> a project in terms of automated testing coverage) a bit short.
>
> On 1/17/18, 7:52 AM, "Daan Hoogland"
> <da...@shapeblue.com>> wrote:
>
> The 72 hours is to make sure all stakeholders had a chance to glance. Testing is
> supposed to have happened before. We have a culture of testing only after
> RC-cut which is part of the problem. The long duration of a single test run
> takes, is another part. And finally, in this case there is the new mindblow
> called meltdown. I think in general we should try to keep the 72 hours but for
> this release it is not realistic.
>
> On 17/01/2018, 15:48, "Rene Moser"
> <ma...@renemoser.net>> wrote:
>
> On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about
> the 72 hours that we have for our voting, I propose to extend the vote period
> until at least Monday.
>
> +1
>
> I wonder where this 72 hours windows come from... Is it just be or,
> based on the amount of changes and "things" to test, I would like to
> expect a window in the size of 7-14 days ...?
>
> René
>
>
>
> daan.hoogland@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
>
>
>
>
> rohit.yadav@shapeblue.com<ma...@shapeblue.com>
> www.shapeblue.com<http://www.shapeblue.com/>
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Boris Stoyanov <bo...@shapeblue.com>.
Yes Rohit, tried other browser and I’m not able to login..
I’m +1 on the extend but unfortunately -1 cause of this blocker.
Bobby.
boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 17 Jan 2018, at 18:24, Rohit Yadav <ro...@shapeblue.com>> wrote:
The 72hrs window is more of a guideline than a rule, without lazy consensus I don't think we've any choice here, so Monday it is.
Kris - thanks, if we need RC2 and your proposed issues are blocker/critical we can consider them so meanwhile engage with community to get them reviewed.
Bobby - can you attempt login in incognito mode or in a different browser after upgrading to 4.11 from 4.5, rule out caching issue?
Regards.
Get Outlook for Android<https://aka.ms/ghei36>
________________________________
From: Tutkowski, Mike <Mi...@netapp.com>>
Sent: Wednesday, January 17, 2018 8:48:28 PM
To: dev@cloudstack.apache.org<ma...@cloudstack.apache.org>
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Or perhaps just the first RC should have a longer window?
On 1/17/18, 8:12 AM, "Tutkowski, Mike" <Mi...@netapp.com>> wrote:
If all of our testing were completely in an automated fashion, then I would agree that the 72-hour window is sufficient. However, we don’t have that kind of automated coverage and people aren’t always able to immediately begin testing things out like migrating from their version of CloudStack to the new one. That being the case, 72 hours does seem (at least for where we are now as a project in terms of automated testing coverage) a bit short.
On 1/17/18, 7:52 AM, "Daan Hoogland" <da...@shapeblue.com>> wrote:
The 72 hours is to make sure all stakeholders had a chance to glance. Testing is supposed to have happened before. We have a culture of testing only after RC-cut which is part of the problem. The long duration of a single test run takes, is another part. And finally, in this case there is the new mindblow called meltdown. I think in general we should try to keep the 72 hours but for this release it is not realistic.
On 17/01/2018, 15:48, "Rene Moser" <ma...@renemoser.net>> wrote:
On 01/17/2018 03:34 PM, Daan Hoogland wrote:
People, People,
a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
+1
I wonder where this 72 hours windows come from... Is it just be or,
based on the amount of changes and "things" to test, I would like to
expect a window in the size of 7-14 days ...?
René
daan.hoogland@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/><http://www.shapeblue.com<http://www.shapeblue.com/>>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com<ma...@shapeblue.com>
www.shapeblue.com<http://www.shapeblue.com/>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
The 72hrs window is more of a guideline than a rule, without lazy consensus I don't think we've any choice here, so Monday it is.
Kris - thanks, if we need RC2 and your proposed issues are blocker/critical we can consider them so meanwhile engage with community to get them reviewed.
Bobby - can you attempt login in incognito mode or in a different browser after upgrading to 4.11 from 4.5, rule out caching issue?
Regards.
Get Outlook for Android<https://aka.ms/ghei36>
________________________________
From: Tutkowski, Mike <Mi...@netapp.com>
Sent: Wednesday, January 17, 2018 8:48:28 PM
To: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Or perhaps just the first RC should have a longer window?
On 1/17/18, 8:12 AM, "Tutkowski, Mike" <Mi...@netapp.com> wrote:
If all of our testing were completely in an automated fashion, then I would agree that the 72-hour window is sufficient. However, we don’t have that kind of automated coverage and people aren’t always able to immediately begin testing things out like migrating from their version of CloudStack to the new one. That being the case, 72 hours does seem (at least for where we are now as a project in terms of automated testing coverage) a bit short.
On 1/17/18, 7:52 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
The 72 hours is to make sure all stakeholders had a chance to glance. Testing is supposed to have happened before. We have a culture of testing only after RC-cut which is part of the problem. The long duration of a single test run takes, is another part. And finally, in this case there is the new mindblow called meltdown. I think in general we should try to keep the 72 hours but for this release it is not realistic.
On 17/01/2018, 15:48, "Rene Moser" <ma...@renemoser.net> wrote:
On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
+1
I wonder where this 72 hours windows come from... Is it just be or,
based on the amount of changes and "things" to test, I would like to
expect a window in the size of 7-14 days ...?
René
daan.hoogland@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
Or perhaps just the first RC should have a longer window?
On 1/17/18, 8:12 AM, "Tutkowski, Mike" <Mi...@netapp.com> wrote:
If all of our testing were completely in an automated fashion, then I would agree that the 72-hour window is sufficient. However, we don’t have that kind of automated coverage and people aren’t always able to immediately begin testing things out like migrating from their version of CloudStack to the new one. That being the case, 72 hours does seem (at least for where we are now as a project in terms of automated testing coverage) a bit short.
On 1/17/18, 7:52 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
The 72 hours is to make sure all stakeholders had a chance to glance. Testing is supposed to have happened before. We have a culture of testing only after RC-cut which is part of the problem. The long duration of a single test run takes, is another part. And finally, in this case there is the new mindblow called meltdown. I think in general we should try to keep the 72 hours but for this release it is not realistic.
On 17/01/2018, 15:48, "Rene Moser" <ma...@renemoser.net> wrote:
On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
+1
I wonder where this 72 hours windows come from... Is it just be or,
based on the amount of changes and "things" to test, I would like to
expect a window in the size of 7-14 days ...?
René
daan.hoogland@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by "Tutkowski, Mike" <Mi...@netapp.com>.
If all of our testing were completely in an automated fashion, then I would agree that the 72-hour window is sufficient. However, we don’t have that kind of automated coverage and people aren’t always able to immediately begin testing things out like migrating from their version of CloudStack to the new one. That being the case, 72 hours does seem (at least for where we are now as a project in terms of automated testing coverage) a bit short.
On 1/17/18, 7:52 AM, "Daan Hoogland" <da...@shapeblue.com> wrote:
The 72 hours is to make sure all stakeholders had a chance to glance. Testing is supposed to have happened before. We have a culture of testing only after RC-cut which is part of the problem. The long duration of a single test run takes, is another part. And finally, in this case there is the new mindblow called meltdown. I think in general we should try to keep the 72 hours but for this release it is not realistic.
On 17/01/2018, 15:48, "Rene Moser" <ma...@renemoser.net> wrote:
On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
+1
I wonder where this 72 hours windows come from... Is it just be or,
based on the amount of changes and "things" to test, I would like to
expect a window in the size of 7-14 days ...?
René
daan.hoogland@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Daan Hoogland <da...@shapeblue.com>.
The 72 hours is to make sure all stakeholders had a chance to glance. Testing is supposed to have happened before. We have a culture of testing only after RC-cut which is part of the problem. The long duration of a single test run takes, is another part. And finally, in this case there is the new mindblow called meltdown. I think in general we should try to keep the 72 hours but for this release it is not realistic.
On 17/01/2018, 15:48, "Rene Moser" <ma...@renemoser.net> wrote:
On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
+1
I wonder where this 72 hours windows come from... Is it just be or,
based on the amount of changes and "things" to test, I would like to
expect a window in the size of 7-14 days ...?
René
daan.hoogland@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rene Moser <ma...@renemoser.net>.
On 01/17/2018 03:34 PM, Daan Hoogland wrote:
> People, People,
>
> a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
+1
I wonder where this 72 hours windows come from... Is it just be or,
based on the amount of changes and "things" to test, I would like to
expect a window in the size of 7-14 days ...?
René
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Daan Hoogland <da...@shapeblue.com>.
People, People,
a lot of us are busy with meltdown fixes and a full component test takes about the 72 hours that we have for our voting, I propose to extend the vote period until at least Monday.
Is that a good idea?
On 17/01/2018, 14:33, "Kris Sterckx" <kr...@nuagenetworks.net> wrote:
4.11.0 looks like an awesome reason ! Special thanks to Rohit !
I vote +0
- I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
- And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
(Nuage-internal fix)
thanks
Kris
[1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
[2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
daan.hoogland@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
> here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-
> release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Rohit Yadav <ro...@shapeblue.com>.
Hi Kris,
We've managed to review, test and merge the two mentioned PRs on 4.11 (and fwd-merged on master) branch.
RC2 will have the fixes, which we'll kick next week, until then please continue testing with RC1.
- Rohit
<https://cloudstack.apache.org>
________________________________
From: Kris Sterckx <kr...@nuagenetworks.net>
Sent: Wednesday, January 17, 2018 7:02:52 PM
To: dev@cloudstack.apache.org
Subject: Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
4.11.0 looks like an awesome reason ! Special thanks to Rohit !
I vote +0
- I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
- And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
(Nuage-internal fix)
thanks
Kris
[1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
[2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
rohit.yadav@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
> here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-
> release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>
Re: [VOTE] Apache Cloudstack 4.11.0.0 (LTS)
Posted by Kris Sterckx <kr...@nuagenetworks.net>.
4.11.0 looks like an awesome reason ! Special thanks to Rohit !
I vote +0
- I vote for including CLOUDSTACK-9749 [1] into 4.11.0 still
- And if that is accepted, I vote for including CLOUDSTACK-10233 [2] also
(Nuage-internal fix)
thanks
Kris
[1] https://issues.apache.org/jira/browse/CLOUDSTACK-9749
[2] https://issues.apache.org/jira/browse/CLOUDSTACK-10233
On 15 January 2018 at 12:32, Rohit Yadav <ro...@apache.org> wrote:
> Hi All,
>
> I've created a 4.11.0.0 release, with the following artifacts up for
> testing and a vote:
>
> Git Branch and Commit SH:
> https://gitbox.apache.org/repos/asf?p=cloudstack.git;a=
> shortlog;h=refs/heads/4.11.0.0-RC20180115T1603
> Commit: 1b8a532ba52127f388847690df70e65c6b46f4d4
>
> Source release (checksums and signatures are available at the same
> location):
> https://dist.apache.org/repos/dist/dev/cloudstack/4.11.0.0/
>
> PGP release keys (signed using 5ED1E1122DC5E8A4A45112C2484248210EE3D884):
> https://dist.apache.org/repos/dist/release/cloudstack/KEYS
>
> The vote will be open for 72 hours.
>
> For sanity in tallying the vote, can PMC members please be sure to indicate
> "(binding)" with their vote?
>
> [ ] +1 approve
> [ ] +0 no opinion
> [ ] -1 disapprove (and reason why)
>
> Additional information:
>
> For users' convenience, I've built packages from
> 1b8a532ba52127f388847690df70e65c6b46f4d4 and published RC1 repository
> here:
> http://cloudstack.apt-get.eu/testing/4.11-rc1
>
> The release notes are still work-in-progress, but the systemvmtemplate
> upgrade section has been updated. You may refer the following for
> systemvmtemplate upgrade testing:
> http://docs.cloudstack.apache.org/projects/cloudstack-
> release-notes/en/latest/index.html
>
> 4.11 systemvmtemplates are available from here:
> https://download.cloudstack.org/systemvm/4.11/
>
> Regards,
> Rohit Yadav
>