From 28142b49a8458fa5fa4b4aa15b2ae3d18059d64c Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Wed, 12 Feb 2025 15:10:32 -0500 Subject: [PATCH 01/10] Update kvm.rst - iptables before rule On Ubuntu 24.04 LTS I found the described issue with the forwarding traffic back and fourth from guests system VMs and the physical interfaces attached to the bridges. This solved my problems. --- source/installguide/hypervisor/kvm.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/installguide/hypervisor/kvm.rst b/source/installguide/hypervisor/kvm.rst index 969730cc26..beadf39cc1 100644 --- a/source/installguide/hypervisor/kvm.rst +++ b/source/installguide/hypervisor/kvm.rst @@ -1551,8 +1551,8 @@ To open the required ports, execute the following commands: sudo vi /etc/ufw/before.rules .. parsed-literal:: - -A FORWARD -d 192.168.42.11 -j ACCEPT - -A FORWARD -s 192.168.42.11 -j ACCEPT + -A FORWARD -d 192.168.42.0/24 -j ACCEPT + -A FORWARD -s 192.168.42.0/24 -j ACCEPT Additional Packages Required for Features From 5345f3957547bdf1ea4ec10f120c0480393c79e9 Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Tue, 18 Feb 2025 21:55:21 -0500 Subject: [PATCH 02/10] Update qig.rst --- source/quickinstallationguide/qig.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index da74fe90cf..346e1f2951 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -353,8 +353,8 @@ section: innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 - log-bin=mysql-bin - binlog-format = 'ROW' + log_bin=mysql-bin + binlog_format = 'ROW' Now that MySQL is properly configured we can start it and configure it to From 05641a2046d106e886df1d5299e7261a4c23e0ed Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Tue, 18 Feb 2025 21:58:24 -0500 Subject: [PATCH 03/10] Update optional_installation.rst From aca1381e9050494b7f7b6f20f08fb7bb18e15c79 Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Tue, 18 Feb 2025 22:01:56 -0500 Subject: [PATCH 04/10] Update _database.rst --- .../installguide/management-server/_database.rst | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/source/installguide/management-server/_database.rst b/source/installguide/management-server/_database.rst index ca70a13e8c..61301d0f02 100644 --- a/source/installguide/management-server/_database.rst +++ b/source/installguide/management-server/_database.rst @@ -64,20 +64,20 @@ MySQL. See :ref:`install-database-on-separate-node`. innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 - log-bin=mysql-bin - binlog-format = 'ROW' + log_bin=mysql-bin + binlog_format=ROW .. note:: - For Ubuntu 16.04 and later, make sure you specify a ``server-id`` in your ``.cnf`` file for binary logging. Set the ``server-id`` according to your database setup. + For Ubuntu 16.04 and later, make sure you specify a ``server_id`` in your ``/etc/mysql/mysql.conf.d/mysqld.cnf`` file for binary logging. Set the ``server_id`` according to your database setup. .. parsed-literal:: - server-id=source-01 + server_id=source-01 innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 - log-bin=mysql-bin - binlog-format = 'ROW' + log_bin=mysql-bin + binlog_format=ROW .. note:: You can also create a file ``/etc/mysql/conf.d/cloudstack.cnf`` @@ -328,8 +328,8 @@ same node for MySQL. See `“Install the Database on the Management Server Node innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=700 - log-bin=mysql-bin - binlog-format = 'ROW' + log_bin=mysql-bin + binlog_format = 'ROW' bind-address = 0.0.0.0 #. Start or restart MySQL to put the new configuration into effect. From 1a9c7a461c46c7ecfa2c727df815dffd7409da19 Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Tue, 18 Feb 2025 22:03:33 -0500 Subject: [PATCH 05/10] Update _database.rst --- source/installguide/management-server/_database.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/installguide/management-server/_database.rst b/source/installguide/management-server/_database.rst index 61301d0f02..8db4fbd355 100644 --- a/source/installguide/management-server/_database.rst +++ b/source/installguide/management-server/_database.rst @@ -329,8 +329,8 @@ same node for MySQL. See `“Install the Database on the Management Server Node innodb_lock_wait_timeout=600 max_connections=700 log_bin=mysql-bin - binlog_format = 'ROW' - bind-address = 0.0.0.0 + binlog_format=ROW + bind-address=0.0.0.0 #. Start or restart MySQL to put the new configuration into effect. From e302881fc76285366094628e10526755e6953721 Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Tue, 18 Feb 2025 22:05:27 -0500 Subject: [PATCH 06/10] Update qig.rst --- source/quickinstallationguide/qig.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 346e1f2951..7f08777b19 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -354,7 +354,7 @@ section: innodb_lock_wait_timeout=600 max_connections=350 log_bin=mysql-bin - binlog_format = 'ROW' + binlog_format=ROW Now that MySQL is properly configured we can start it and configure it to From 44233b1e6e99ac992777e7835cbf532d464436b3 Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Tue, 25 Feb 2025 15:53:44 -0500 Subject: [PATCH 07/10] Update kvm.rst --- source/installguide/hypervisor/kvm.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/source/installguide/hypervisor/kvm.rst b/source/installguide/hypervisor/kvm.rst index beadf39cc1..8acaece3b0 100644 --- a/source/installguide/hypervisor/kvm.rst +++ b/source/installguide/hypervisor/kvm.rst @@ -1551,8 +1551,7 @@ To open the required ports, execute the following commands: sudo vi /etc/ufw/before.rules .. parsed-literal:: - -A FORWARD -d 192.168.42.0/24 -j ACCEPT - -A FORWARD -s 192.168.42.0/24 -j ACCEPT + -A FORWARD -j ACCEPT Additional Packages Required for Features From 6c3f7401a2b048eb9530d0b86ec33153fbede3f5 Mon Sep 17 00:00:00 2001 From: Davi Torres <90287660+daviftorres@users.noreply.github.com> Date: Thu, 27 Feb 2025 08:29:21 -0500 Subject: [PATCH 08/10] Update kvm.rst --- source/installguide/hypervisor/kvm.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/source/installguide/hypervisor/kvm.rst b/source/installguide/hypervisor/kvm.rst index 8acaece3b0..5c969f9707 100644 --- a/source/installguide/hypervisor/kvm.rst +++ b/source/installguide/hypervisor/kvm.rst @@ -1541,17 +1541,17 @@ To open the required ports, execute the following commands: $ ufw allow proto tcp from any to any port 49152:49216 .. note:: - By default UFW is not enabled on Ubuntu. Executing these commands with the - firewall disabled does not enable the firewall. + Since Ubuntu 22.04 LTS, the UFW's default policy for forwarding is set to "DROP". + Change it to "ACCEPT". - If you have an issue with ufw while using a bridged connection, - add those two lines at the end of the /etc/ufw/before.rules just before COMMIT +.. parsed-literal:: + sudo vi /etc/default/ufw .. parsed-literal:: - sudo vi /etc/ufw/before.rules + DEFAULT_FORWARD_POLICY="ACCEPT" .. parsed-literal:: - -A FORWARD -j ACCEPT + sudo ufw enable Additional Packages Required for Features From 82048eda655fd6b2017cf6866d374ff7c031c1d1 Mon Sep 17 00:00:00 2001 From: Davi Torres Date: Fri, 11 Apr 2025 15:44:21 -0400 Subject: [PATCH 09/10] Health Checks and Monitoring --- source/installguide/optional_installation.rst | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/source/installguide/optional_installation.rst b/source/installguide/optional_installation.rst index 9496bd245a..73a16e5ece 100644 --- a/source/installguide/optional_installation.rst +++ b/source/installguide/optional_installation.rst @@ -114,6 +114,39 @@ For storing certificates, admins can create and configure a java keystore file and configure the same in the server.properties file as illustrated above. +Health Checks and Monitoring (Optional) +--------------------------------------- + +CloudStack as a plugin for exporting metrics in the format that Prometheus can consume. +This is done by enabling the following configuration parameters in the Global Settings. + + .. parsed-literal:: + + # cloudmonkey update configuration name=prometheus.exporter.enable value=true + # cloudmonkey update configuration name=prometheus.exporter.port value=9595 + # cloudmonkey update configuration name=prometheus.exporter.allowed.ips value="127.0.0.1,192.168.0.10" + +.. note:: + These settings are available to be configured via the CloudStack UI as well. + CloudStack Management needs to be restarted for the changes to take effect. + Replace the mock IP address 192.168.0.10 with the actual IP address of the Prometheus server. + +.. warning:: + A list of addresses can be provided as a comma separated list. It does NOT accept CIDR notation. + +Then, configure prometheus to start pulling metrics by adding the following configuration to ``/etc/prometheus/prometheus.yml``. + + .. parsed-literal:: + + - job_name: 'management' + static_configs: + - targets: ['192.168.0.20:9595'] + +.. note:: + Replace the mock IP address 192.168.0.20 with the actual IP address of the Management server. + Public dashboards are available in the Grafana repository for visualizing CloudStack Management metrics. + + Database Replication (Optional) ------------------------------- From 924f7e3e0fd75ce6339cbbc98253b0a1e4689164 Mon Sep 17 00:00:00 2001 From: Davi Torres Date: Fri, 11 Apr 2025 15:47:53 -0400 Subject: [PATCH 10/10] cleanup --- source/installguide/hypervisor/kvm.rst | 13 +++++++------ .../management-server/_database.rst | 18 +++++++++--------- source/quickinstallationguide/qig.rst | 4 ++-- 3 files changed, 18 insertions(+), 17 deletions(-) diff --git a/source/installguide/hypervisor/kvm.rst b/source/installguide/hypervisor/kvm.rst index 5c969f9707..969730cc26 100644 --- a/source/installguide/hypervisor/kvm.rst +++ b/source/installguide/hypervisor/kvm.rst @@ -1541,17 +1541,18 @@ To open the required ports, execute the following commands: $ ufw allow proto tcp from any to any port 49152:49216 .. note:: - Since Ubuntu 22.04 LTS, the UFW's default policy for forwarding is set to "DROP". - Change it to "ACCEPT". + By default UFW is not enabled on Ubuntu. Executing these commands with the + firewall disabled does not enable the firewall. -.. parsed-literal:: - sudo vi /etc/default/ufw + If you have an issue with ufw while using a bridged connection, + add those two lines at the end of the /etc/ufw/before.rules just before COMMIT .. parsed-literal:: - DEFAULT_FORWARD_POLICY="ACCEPT" + sudo vi /etc/ufw/before.rules .. parsed-literal:: - sudo ufw enable + -A FORWARD -d 192.168.42.11 -j ACCEPT + -A FORWARD -s 192.168.42.11 -j ACCEPT Additional Packages Required for Features diff --git a/source/installguide/management-server/_database.rst b/source/installguide/management-server/_database.rst index 8db4fbd355..ca70a13e8c 100644 --- a/source/installguide/management-server/_database.rst +++ b/source/installguide/management-server/_database.rst @@ -64,20 +64,20 @@ MySQL. See :ref:`install-database-on-separate-node`. innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 - log_bin=mysql-bin - binlog_format=ROW + log-bin=mysql-bin + binlog-format = 'ROW' .. note:: - For Ubuntu 16.04 and later, make sure you specify a ``server_id`` in your ``/etc/mysql/mysql.conf.d/mysqld.cnf`` file for binary logging. Set the ``server_id`` according to your database setup. + For Ubuntu 16.04 and later, make sure you specify a ``server-id`` in your ``.cnf`` file for binary logging. Set the ``server-id`` according to your database setup. .. parsed-literal:: - server_id=source-01 + server-id=source-01 innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 - log_bin=mysql-bin - binlog_format=ROW + log-bin=mysql-bin + binlog-format = 'ROW' .. note:: You can also create a file ``/etc/mysql/conf.d/cloudstack.cnf`` @@ -328,9 +328,9 @@ same node for MySQL. See `“Install the Database on the Management Server Node innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=700 - log_bin=mysql-bin - binlog_format=ROW - bind-address=0.0.0.0 + log-bin=mysql-bin + binlog-format = 'ROW' + bind-address = 0.0.0.0 #. Start or restart MySQL to put the new configuration into effect. diff --git a/source/quickinstallationguide/qig.rst b/source/quickinstallationguide/qig.rst index 7f08777b19..da74fe90cf 100644 --- a/source/quickinstallationguide/qig.rst +++ b/source/quickinstallationguide/qig.rst @@ -353,8 +353,8 @@ section: innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 - log_bin=mysql-bin - binlog_format=ROW + log-bin=mysql-bin + binlog-format = 'ROW' Now that MySQL is properly configured we can start it and configure it to