MilanHofmann commented on issue #7171: URL: https://github.com/apache/cloudstack/issues/7171#issuecomment-1422477897
@weizhouapache Yes that solved the issue, thanx! But still the VM is not reachable: `2023-02-08 12:47:10,383 DEBUG [kvm.resource.LibvirtConnection] (agentRequest-Handler-1:null) (logid:2e150804) Can not find KVM connection for Instance: s-210-VM, continuing. 2023-02-08 12:47:10,384 DEBUG [kvm.resource.LibvirtConnection] (agentRequest-Handler-1:null) (logid:2e150804) Looking for libvirtd connection at: lxc:/// 2023-02-08 12:47:10,384 INFO [kvm.resource.LibvirtConnection] (agentRequest-Handler-1:null) (logid:2e150804) No existing libvirtd connection found. Opening a new one 2023-02-08 12:47:10,385 DEBUG [kvm.resource.LibvirtConnection] (agentRequest-Handler-1:null) (logid:2e150804) Can not find LXC connection for Instance: s-210-VM, continuing. 2023-02-08 12:47:10,386 WARN [kvm.resource.LibvirtConnection] (agentRequest-Handler-1:null) (logid:2e150804) Can not find a connection for Instance s-210-VM. Assuming the default connection. 2023-02-08 12:47:10,386 DEBUG [kvm.resource.LibvirtConnection] (agentRequest-Handler-1:null) (logid:2e150804) Looking for libvirtd connection at: qemu:///system 2023-02-08 12:47:10,403 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Failed to get dom xml: org.libvirt.LibvirtException: Domain not found: no domain with matching name 's-210-VM' 2023-02-08 12:47:10,404 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Failed to get dom xml: org.libvirt.LibvirtException: Domain not found: no domain with matching name 's-210-VM' 2023-02-08 12:47:10,405 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Failed to get dom xml: org.libvirt.LibvirtException: Domain not found: no domain with matching name 's-210-VM' 2023-02-08 12:47:10,405 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Executing: /usr/share/cloudstack-common/scripts/vm/network/security_group.py destroy_network_rules_for_vm --vmname s-210-VM 2023-02-08 12:47:10,406 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Executing while with timeout : 1800000 2023-02-08 12:47:10,504 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Execution is successful. 2023-02-08 12:47:10,506 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Failed to get vm :Domain not found: no domain with matching name 's-210-VM' 2023-02-08 12:47:10,506 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) Try to stop the vm at first 2023-02-08 12:47:10,507 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-1:null) (logid:2e150804) VM s-210-VM doesn't exist, no need to stop it ` [agent.log](https://github.com/apache/cloudstack/files/10685161/agent.log) Anyway here are my iptables + nftables versions: ` Package: iptables Version: 1.8.7-1ubuntu5 Priority: standard Section: net Origin: Ubuntu Maintainer: Ubuntu Developers <[email protected]> Original-Maintainer: Debian Netfilter Packaging Team <[email protected]> Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 2905 kB Depends: libip4tc2 (= 1.8.7-1ubuntu5), libip6tc2 (= 1.8.7-1ubuntu5), libxtables12 (= 1.8.7-1ubuntu5), netbase (>= 6.0), libc6 (>= 2.34), libmnl0 (>= 1.0.3-4~), libnetfilter-conntrack3 (>= 1.0.6), libnfnetlink0, libnftnl11 (>= 1.1.5) Suggests: firewalld, kmod, nftables Breaks: iptables-nftables-compat (<< 1.6.2~) Replaces: iptables-nftables-compat (<< 1.6.2~) Homepage: https://www.netfilter.org/ Task: standard Download-Size: 455 kB APT-Manual-Installed: yes APT-Sources: http://asi-fs-m.contabo.net/ubuntu jammy/main amd64 Packages Description: administration tools for packet filtering and NAT The iptables/xtables framework has been replaced by nftables. You should consider migrating now. . iptables is the userspace command line program used to configure the Linux packet filtering and NAT ruleset. It is targeted towards systems and networks administrators. . This package contains several different utilities, the most important ones: . iptables-nft, iptables-nft-save, iptables-nft-restore (nft-based version) . iptables-legacy, iptables-legacy-save, iptables-legacy-restore (legacy version) . ip6tables-nft, ip6tables-nft-save, ip6tables-nft-restore (nft-based version) . ip6tables-legacy, ip6tables-legacy-save, ip6tables-legacy-restore (legacy version) . arptables-nft, arptables-nft-save, arptables-nft-restore (nft-based version) . ebtables-nft, ebtables-nft-save, ebtables-nft-restore (nft-based version) ` + ` Package: nftables Version: 1.0.2-1ubuntu3 Priority: standard Section: net Origin: Ubuntu Maintainer: Ubuntu Developers <[email protected]> Original-Maintainer: Debian Netfilter Packaging Team <[email protected]> Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 181 kB Depends: libnftables1 (= 1.0.2-1ubuntu3), libc6 (>= 2.34), libedit2 (>= 3.1-20130611-0) Recommends: netbase Suggests: firewalld Homepage: https://www.netfilter.org/ Task: standard Download-Size: 67.2 kB APT-Manual-Installed: no APT-Sources: http://asi-fs-m.contabo.net/ubuntu jammy-updates/main amd64 Packages Description: Program to control packet filtering rules by Netfilter project This software provides an in-kernel packet classification framework that is based on a network-specific Virtual Machine (VM) and the nft userspace command line tool. The nftables framework reuses the existing Netfilter subsystems such as the existing hook infrastructure, the connection tracking system, NAT, userspace queueing and logging subsystem. . nftables replaces the old popular iptables, ip6tables, arptables and ebtables. . Netfilter software and nftables in particular are used in applications such as Internet connection sharing, firewalls, IP accounting, transparent proxying, advanced routing and traffic control. . A Linux kernel >= 3.13 is required. However, >= 4.14 is recommended. ` ` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
