MilanHofmann commented on issue #7185:
URL: https://github.com/apache/cloudstack/issues/7185#issuecomment-1425831339
> @MilanHofmann
>
> can you describe your configuration ? mgmt server / agent ,nics/ ips, etc
>
> > @weizhouapache Thank you, that was the problem!
> > If I add the default route manually the vm checks all pass and NFS can be mounted. But why is it necessary to add it myself? Shouldn't that be done by KVM during the launch?
> > Also the vm is still not reachable from outside the host. Maybe I misconfigured something here? `root@m0995:~# ip a` gives
> >
> > ```
> > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
> >     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> >     inet 127.0.0.1/8 scope host lo
> >        valid_lft forever preferred_lft forever
> > 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master cloudbr0 state UP group default qlen 1000
> >     link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
> >     altname enp4s0
> > 4: cloudbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
> >     link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
> >     inet 79.143.179.221/24 metric 100 brd 79.143.179.255 scope global dynamic cloudbr0
> >        valid_lft 3777sec preferred_lft 3777sec
> >     inet6 fe80::1e6f:65ff:fe91:9e86/64 scope link
> >        valid_lft forever preferred_lft forever
> > 5: cloudbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
> >     link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
> >     inet6 fe80::1e6f:65ff:fe91:9e86/64 scope link
> >        valid_lft forever preferred_lft forever
> > 7: cloud0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
> >     link/ether a6:d6:15:d8:3a:12 brd ff:ff:ff:ff:ff:ff
> >     inet 169.254.0.1/16 scope global cloud0
> >        valid_lft forever preferred_lft forever
> > 40: eth0.200@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master breth0-200 state UP group default qlen 1000
> >     link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
> > 41: breth0-200: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
> >     link/ether 82:8d:82:b1:a4:f2 brd ff:ff:ff:ff:ff:ff
> > 42: vnet18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloud0 state UNKNOWN group default qlen 1000
> >     link/ether fe:00:a9:fe:b9:23 brd ff:ff:ff:ff:ff:ff
> > 43: vnet19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloudbr0 state UNKNOWN group default qlen 1000
> >     link/ether fe:00:e3:00:01:7b brd ff:ff:ff:ff:ff:ff
> > 44: vnet20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master breth0-200 state UNKNOWN group default qlen 1000
> >     link/ether fe:00:14:00:00:69 brd ff:ff:ff:ff:ff:ff
> > 45: vnet21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloud0 state UNKNOWN group default qlen 1000
> >     link/ether fe:00:a9:fe:a1:f9 brd ff:ff:ff:ff:ff:ff
> > 46: vnet22: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloudbr0 state UNKNOWN group default qlen 1000
> >     link/ether fe:00:7d:00:01:1c brd ff:ff:ff:ff:ff:ff
> > 47: vnet23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master breth0-200 state UNKNOWN group default qlen 1000
> >     link/ether fe:00:ed:00:00:68 brd ff:ff:ff:ff:ff:ff
> > 48: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
> >     link/ether 52:54:00:42:23:f0 brd ff:ff:ff:ff:ff:ff
> >     inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
> >        valid_lft forever preferred_lft forever
> > ```
> >
> > * this is my netplan config:
> >
> > ```
> > network:
> >   version: 2
> >   renderer: networkd
> >   ethernets:
> >     ens18:
> >       match:
> >         macaddress: $myMacAdress
> >   bridges:
> >     cloudbr0:
> >       dhcp4: true
> >       macaddress: $myMacAdress
> >       interfaces:
> >         - ens18
> >       addresses: [$myAddress]
> >       # gateway4 is deprecated, use routes instead
> >       routes:
> >         - to: 0.0.0.0/0
> >           via: $myGateway
> >           on-link: true
> >       nameservers:
> >         search: [ invalid ]
> >         addresses:
> >           - 8.8.8.8
> >           - 8.8.4.4
> >     cloudbr1:
> >       dhcp4: false
> >       macaddress: $myMacAdress
> >       optional: true
> > ```

@weizhouapache Sure!
```
ip route show
```
on host gives
```
default via 79.143.179.1 dev eth1
8.8.8.8 via 79.143.179.1 dev eth1
10.0.0.0/8 via 79.143.179.1 dev eth1
79.143.179.0/24 dev eth1 proto kernel scope link src 79.143.179.126
169.254.0.0/16 dev eth0 proto kernel scope link src 169.254.185.35
172.16.0.0/12 via 79.143.179.1 dev eth1
172.31.16.0/20 via 79.143.179.1 dev eth1
192.168.0.0/16 via 79.143.179.1 dev eth1
```
```
sudo iptables -S
```
gives:
```
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N BF-breth0-200
-N BF-breth0-200-IN
-N BF-breth0-200-OUT
-N BF-cloudbr0
-N BF-cloudbr0-IN
-N BF-cloudbr0-OUT
-N LIBVIRT_FWI
-N LIBVIRT_FWO
-N LIBVIRT_FWX
-N LIBVIRT_INP
-N LIBVIRT_OUT
-N s-10-VM
-N s-12-VM
-N s-14-VM
-N s-16-VM
-N s-17-VM
-N ufw-after-forward
-N ufw-after-input
-N ufw-after-logging-forward
-N ufw-after-logging-input
-N ufw-after-logging-output
-N ufw-after-output
-N ufw-before-forward
-N ufw-before-input
-N ufw-before-logging-forward
-N ufw-before-logging-input
-N ufw-before-logging-output
-N ufw-before-output
-N ufw-reject-forward
-N ufw-reject-input
-N ufw-reject-output
-N ufw-track-forward
-N ufw-track-input
-N ufw-track-output
-N v-11-VM
-N v-13-VM
-N v-15-VM
-N v-18-VM
-N v-9-VM
-A INPUT -j LIBVIRT_INP
-A INPUT -j ufw-before-logging-input
-A INPUT -j ufw-before-input
-A INPUT -j ufw-after-input
-A INPUT -j ufw-after-logging-input
-A INPUT -j ufw-reject-input
-A INPUT -j ufw-track-input
-A FORWARD -o cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0
-A FORWARD -i cloudbr0 -m physdev --physdev-is-bridged -j BF-cloudbr0
-A FORWARD -o cloudbr0 -j DROP
-A FORWARD -i cloudbr0 -j DROP
-A FORWARD -o breth0-200 -m physdev --physdev-is-bridged -j BF-breth0-200
-A FORWARD -i breth0-200 -m physdev --physdev-is-bridged -j BF-breth0-200
-A FORWARD -o breth0-200 -j DROP
-A FORWARD -i breth0-200 -j DROP
-A FORWARD -j LIBVIRT_FWX
-A FORWARD -j LIBVIRT_FWI
-A FORWARD -j LIBVIRT_FWO
-A FORWARD -j ufw-before-logging-forward
-A FORWARD -j ufw-before-forward
-A FORWARD -j ufw-after-forward
-A FORWARD -j ufw-after-logging-forward
-A FORWARD -j ufw-reject-forward
-A FORWARD -j ufw-track-forward
-A OUTPUT -j LIBVIRT_OUT
-A OUTPUT -j ufw-before-logging-output
-A OUTPUT -j ufw-before-output
-A OUTPUT -j ufw-after-output
-A OUTPUT -j ufw-after-logging-output
-A OUTPUT -j ufw-reject-output
-A OUTPUT -j ufw-track-output
-A BF-breth0-200 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A BF-breth0-200 -m physdev --physdev-is-in --physdev-is-bridged -j BF-breth0-200-IN
-A BF-breth0-200 -m physdev --physdev-is-out --physdev-is-bridged -j BF-breth0-200-OUT
-A BF-breth0-200 -m physdev --physdev-out eth0.200 --physdev-is-bridged -j ACCEPT
-A BF-breth0-200-IN -m physdev --physdev-in vnet20 --physdev-is-bridged -j s-17-VM
-A BF-breth0-200-IN -m physdev --physdev-in vnet23 --physdev-is-bridged -j v-18-VM
-A BF-breth0-200-OUT -m physdev --physdev-out vnet20 --physdev-is-bridged -j s-17-VM
-A BF-breth0-200-OUT -m physdev --physdev-out vnet23 --physdev-is-bridged -j v-18-VM
-A BF-cloudbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A BF-cloudbr0 -m physdev --physdev-is-in --physdev-is-bridged -j BF-cloudbr0-IN
-A BF-cloudbr0 -m physdev --physdev-is-out --physdev-is-bridged -j BF-cloudbr0-OUT
-A BF-cloudbr0 -m physdev --physdev-out eth0 --physdev-is-bridged -j ACCEPT
-A BF-cloudbr0-IN -m physdev --physdev-in vnet19 --physdev-is-bridged -j s-17-VM
-A BF-cloudbr0-IN -m physdev --physdev-in vnet22 --physdev-is-bridged -j v-18-VM
-A BF-cloudbr0-OUT -m physdev --physdev-out vnet19 --physdev-is-bridged -j s-17-VM
-A BF-cloudbr0-OUT -m physdev --physdev-out vnet22 --physdev-is-bridged -j v-18-VM
-A s-10-VM -m physdev --physdev-in vnet5 --physdev-is-bridged -j RETURN
-A s-10-VM -m physdev --physdev-in vnet4 --physdev-is-bridged -j RETURN
-A s-10-VM -j ACCEPT
-A s-12-VM -m physdev --physdev-in vnet5 --physdev-is-bridged -j RETURN
-A s-12-VM -m physdev --physdev-in vnet4 --physdev-is-bridged -j RETURN
-A s-12-VM -j ACCEPT
-A s-14-VM -m physdev --physdev-in vnet10 --physdev-is-bridged -j RETURN
-A s-14-VM -m physdev --physdev-in vnet11 --physdev-is-bridged -j RETURN
-A s-14-VM -j ACCEPT
-A s-16-VM -m physdev --physdev-in vnet17 --physdev-is-bridged -j RETURN
-A s-16-VM -m physdev --physdev-in vnet16 --physdev-is-bridged -j RETURN
-A s-16-VM -j ACCEPT
-A s-17-VM -m physdev --physdev-in vnet20 --physdev-is-bridged -j RETURN
-A s-17-VM -m physdev --physdev-in vnet19 --physdev-is-bridged -j RETURN
-A s-17-VM -j ACCEPT
-A v-11-VM -m physdev --physdev-in vnet2 --physdev-is-bridged -j RETURN
-A v-11-VM -m physdev --physdev-in vnet1 --physdev-is-bridged -j RETURN
-A v-11-VM -j ACCEPT
-A v-13-VM -m physdev --physdev-in vnet7 --physdev-is-bridged -j RETURN
-A v-13-VM -m physdev --physdev-in vnet8 --physdev-is-bridged -j RETURN
-A v-13-VM -j ACCEPT
-A v-15-VM -m physdev --physdev-in vnet14 --physdev-is-bridged -j RETURN
-A v-15-VM -m physdev --physdev-in vnet13 --physdev-is-bridged -j RETURN
-A v-15-VM -j ACCEPT
-A v-18-VM -m physdev --physdev-in vnet22 --physdev-is-bridged -j RETURN
-A v-18-VM -m physdev --physdev-in vnet23 --physdev-is-bridged -j RETURN
-A v-18-VM -j ACCEPT
-A v-9-VM -m physdev --physdev-in vnet2 --physdev-is-bridged -j RETURN
-A v-9-VM -m physdev --physdev-in vnet1 --physdev-is-bridged -j RETURN
-A v-9-VM -j ACCEPT
```
```
ip a
```
gives:
```
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master cloudbr0 state UP group default qlen 1000
    link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
    altname enp4s0
4: cloudbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
    inet 79.143.179.221/24 metric 100 brd 79.143.179.255 scope global dynamic cloudbr0
       valid_lft 3105sec preferred_lft 3105sec
    inet6 fe80::1e6f:65ff:fe91:9e86/64 scope link
       valid_lft forever preferred_lft forever
5: cloudbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::1e6f:65ff:fe91:9e86/64 scope link
       valid_lft forever preferred_lft forever
7: cloud0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether a6:d6:15:d8:3a:12 brd ff:ff:ff:ff:ff:ff
    inet 169.254.0.1/16 scope global cloud0
       valid_lft forever preferred_lft forever
40: eth0.200@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master breth0-200 state UP group default qlen 1000
    link/ether 1c:6f:65:91:9e:86 brd ff:ff:ff:ff:ff:ff
41: breth0-200: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 82:8d:82:b1:a4:f2 brd ff:ff:ff:ff:ff:ff
42: vnet18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloud0 state UNKNOWN group default qlen 1000
    link/ether fe:00:a9:fe:b9:23 brd ff:ff:ff:ff:ff:ff
43: vnet19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloudbr0 state UNKNOWN group default qlen 1000
    link/ether fe:00:e3:00:01:7b brd ff:ff:ff:ff:ff:ff
44: vnet20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master breth0-200 state UNKNOWN group default qlen 1000
    link/ether fe:00:14:00:00:69 brd ff:ff:ff:ff:ff:ff
45: vnet21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloud0 state UNKNOWN group default qlen 1000
    link/ether fe:00:a9:fe:a1:f9 brd ff:ff:ff:ff:ff:ff
46: vnet22: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master cloudbr0 state UNKNOWN group default qlen 1000
    link/ether fe:00:7d:00:01:1c brd ff:ff:ff:ff:ff:ff
47: vnet23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master breth0-200 state UNKNOWN group default qlen 1000
    link/ether fe:00:ed:00:00:68 brd ff:ff:ff:ff:ff:ff
```
```
virsh net-list --all
```
gives:
```
 Name      State      Autostart   Persistent
----------------------------------------------
 default   inactive   yes         yes
```
+
[agent_properties.txt](https://github.com/apache/cloudstack/files/10707905/agent_properties.txt)
[mgmt-server_properties.txt](https://github.com/apache/cloudstack/files/10707906/mgmt-server_properties.txt)
Please let me know if I can provide anything else!