I have created a security profile and use it when I create a new instance. I have added a ingress rule to allow TCP/IP port to be open from 0 to 10000 - CICR 10.0.2.0/24 (and also TCP/IP 22 22 0.0.0.0/0)
Unfortunately I cannot connect from DevCloud VM to the cloud instance oot@devcloud:~# ssh root@10.0.2.100 ssh: connect to host 10.0.2.100 port 22: No route to host root@devcloud:~# ip route default via 10.0.2.2 dev xenbr0 metric 100 10.0.2.0/24 dev xenbr0 proto kernel scope link src 10.0.2.15 10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 169.254.0.0/16 dev xapi0 scope link src 169.254.0.1 If I try to open the instance using the web console, I see this message in the web console [ 118.613066] martian destination 0.0.0.0 from 10.0.2.2, dev eth0 On Thu, Oct 25, 2012 at 8:01 PM, Edison Su <edison...@citrix.com> wrote: > You need to create a new security group from UI, then when you create a > new instance, you will see the available security groups created by > yourself, and can select some of them. > > > -----Original Message----- > > From: Charles Moulliard [mailto:ch0...@gmail.com] > > Sent: Thursday, October 25, 2012 10:17 AM > > To: cloudstack-users@incubator.apache.org > > Subject: Re: Access internal cloud instance from host > > > > I have been able to add ingress rule to the default security group > > > > When I create a new instance (using web interface) I cannot select a > > security group ? > > > > On Thu, Oct 25, 2012 at 7:07 PM, Charles Moulliard <ch0...@gmail.com> > > wrote: > > > > > How can I add this as under network I could not find a button to > > define a > > > new security group ? > > > > > > > > > On Thu, Oct 25, 2012 at 6:43 PM, Edison Su <edison...@citrix.com> > > wrote: > > > > > >> By default, the ingress packets are blocked for all the user VMs, > > due to > > >> the security group. > > >> You can enable icmp or any other tcp/udp port from cloudstack mgt ui. > > >> > > >> > -----Original Message----- > > >> > From: Charles Moulliard [mailto:ch0...@gmail.com] > > >> > Sent: Thursday, October 25, 2012 9:38 AM > > >> > To: cloudstack-users@incubator.apache.org > > >> > Subject: Fwd: Access internal cloud instance from host > > >> > > > >> > Hi, > > >> > > > >> > I would like to thanks all the guys who have help me since > > yesterday. I > > >> > have been able to install and run successfully cloudstack release > > 4.0 > > >> > on a > > >> > MacBookPro (OSX 10.7.4) where DevCloud is deployed in VirtualBox. > > Thx > > >> > for > > >> > step by step + video ( > > >> > https://cwiki.apache.org/CLOUDSTACK/cloudstack-40-test- > > procedure.html, > > >> > https://vimeo.com/52150218 > > >> > ) > > >> > > > >> > Question : What should we modify to allow to access from the > > DevCloud > > >> > VM > > >> > machine to one cloud instance created ? > > >> > > > >> > LapTop - MacBookPro with address 192.168.1.2 > > >> > Within a terminal on my mac I can connect to the DevCloud Virtual > > >> > Machine > > >> > using ssh > > >> > > > >> > ssh -p 2222 root@localhost > > >> > root@localhost's password: > > >> > Welcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic-pae i686) > > >> > > > >> > System load: 0.36 Users logged in: 0 > > >> > Usage of /: 31.3% of 5.57GB IP address for eth0: 10.0.2.15 > > >> > Memory usage: 83% IP address for xenbr0: 10.0.2.15 > > >> > Swap usage: 0% IP address for xapi0: > > 169.254.0.1 > > >> > Processes: 133 > > >> > > > >> > Last login: Thu Oct 25 08:00:52 2012 from 10.0.2.2 > > >> > > > >> > Here is the config of the IP tables > > >> > > > >> > root@devcloud:~# ip route > > >> > default via 10.0.2.2 dev xenbr0 metric 100 > > >> > 10.0.2.0/24 dev xenbr0 proto kernel scope link src 10.0.2.15 > > >> > 10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 > > >> > 169.254.0.0/16 dev xapi0 scope link src 169.254.0.1 > > >> > > > >> > Through CloudStack, I have created a cloud instance (name = -2-5- > > TEST, > > >> > IP > > >> > address =10.0.2.131) and I can access it from web console ( > > >> > http://localhost:8080/client/console?cmd=access&vm=421c3020-6102- > > 4fc0- > > >> > b83c-b25a26d9829d > > >> > ). > > >> > > > >> > Unfortunately, this is not the case within the virtual machine > > >> > > > >> > root@devcloud:~# ping 10.0.2.131 > > >> > PING 10.0.2.131 (10.0.2.131) 56(84) bytes of data. > > >> > From 10.0.2.15 icmp_seq=1 Destination Host Unreachable > > >> > From 10.0.2.15 icmp_seq=2 Destination Host Unreachable > > >> > From 10.0.2.15 icmp_seq=3 Destination Host Unreachable > > >> > > > >> > Is there something wrong in the config/routing tables ? > > >> > > > >> > Regards, > > >> > > > >> > -- > > >> > Charles Moulliard > > >> > Apache Committer / Sr. Enterprise Architect (RedHat) > > >> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > -- > > >> > Charles Moulliard > > >> > Apache Committer / Sr. Enterprise Architect (RedHat) > > >> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > > >> > > > > > > > > > > > > -- > > > Charles Moulliard > > > Apache Committer / Sr. Enterprise Architect (RedHat) > > > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > > > > > > > > > > > > > > > -- > > Charles Moulliard > > Apache Committer / Sr. Enterprise Architect (RedHat) > > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > -- Charles Moulliard Apache Committer / Sr. Enterprise Architect (RedHat) Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com