Cloud Infrastructure Automation Issues

Issue: Cloud Infrastructure Automation notification is not sent though an event has happened.

Cause: The vm2vf service sends periodic notifications regarding operation status. If the time between such notifications become higher than the maxInactivityDuration parameter, the protocol error will be met during the next report:

2017-05-31 17:52:53,391 (CALLBACK_434301a9-c414-4dfe-86f3-d38ca774062f) WARN  Vm2VfApiOperationsReactor [ActiveMQ Session Task-9879] - protocol error particular callback already expired: interface com.parallels.c2u.vm2vf.corba.CallbackWithCapacityAndId
2017-05-31 17:52:53,392 () INFO  Vm2VfApiOperationsReactor [ActiveMQ Session Task-9879] - in-bound request XML

Such behavior usually points on the performance issues on the virtualization node.

The default value of the parameter maxInactivityDuration is 5 minutes.

This time limit should be enough to send the notification from the vm2vf side.

Resolution:

If the performance issues cannot be resolved right away, the maxInactivityDuration parameter may be increased.

It is located in the broker block of the main Instance Manager configuration file:

[root@oaci-im ~]# grep maxInactivityDuration /usr/local/share/PACI-im/IM-config.xml
          <broker data-dir="activemq-data/kahadb" embedded="true" maxConnections="100" maxOutstandingMessages="-1" maxSessionsPerConnection="50" uri="tcp://0.0.0.0:61616" uri_="failover:(tcp://localhost:61616?trace=false&amp;soTimeout=60000&amp;wireFormat.maxInactivityDuration=300000)?timeout=5000&amp;maxReconnectAttempts=-1" />

The value should be set in the milliseconds.

The adjusted value should not exceed 600000 ms, otherwise this may led to the system instability.

Once the value is changed, the Instance Manager should be restarted.

 

Issue: Backup tasks fail by timeout.

Cause: The backup operation lasts longer than the task timeout.

Resolution:

To solve the issue, find out if it is expected that the backup task lasts so long. Normal rate is 1 hour for a 100 GB virtual machine.

If a VM is indeed huge and requires more than 4 hours to be completed, edit the task timeout in /usr/local/share/PACI-im/IM-config.xml:

change

<vm2vf callback-timeout-min="240" log="true" mode="remote">

to

<vm2vf callback-timeout-min="720 log="true" mode="remote">

For CloudBlue Commerce 7.0, this parameter is discarded, and you need to use ms value instead (this is fixed in 7.1 and higher versions):

change

<vm2vf callback-timeout-ms="14400000" log="true" mode="on-node">

to

<vm2vf callback-timeout-ms="21600000" log="true" mode="on-node">

 

Firewall Rules Does Not Work for VZ7 Virtual Servers

Issue: After adding a firewall rule for a virtual server, located on Virtuozzo 7 hardware node, the rule is not applied, and the connection is still possible or impossible depending on the rule being added. For example, setting the rule to allow only SSH traffic will not block HTTP/FTP/etc traffic to the virtual server. The same steps work fine for virtual servers located on Virtuozzo 6 nodes.

Cause: The bridge-nf-call-* sysctl settings are turned off on Virtuozzo 7 nodes by default.

Resolution: To resolve the issue with firewall rules, enable the sysctl settings on all Virtuozzo nodes in Cloud Infrastructure Automation:

# echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
# echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
# sysctl -p

© 2024 Ingram Micro, Inc. All Rights Reserved. Privacy Policy, Terms of Use and Legal