Re: Improving SSVM performance
Hey Simon, Is that done as the systemvm template is being uploaded, or can we edit it afterwards? Thanks, Sean On 28 November 2013 19:34, Simon Murphy simon.mur...@vifx.co.nz wrote: have you tried changing the default network adapter to vmxnet3? Sent from my Android phone using TouchDown (www.nitrodesk.com) -Original Message- From: Sean Hamilton [s...@seanhamilton.co.uk] Received: Friday, 29 Nov 2013, 4:10am To: users@cloudstack.apache.org [users@cloudstack.apache.org] Subject: Improving SSVM performance We run 4.2 with VMware hypervisor. We'd like to improve the SSVM performance, specifically when exporting and deploying templates. Does anyone have any guides on doing this at all? Thanks, Sean
RE: Improving SSVM performance
there is a global settting under the vmware section. Sent from my Android phone using TouchDown (www.nitrodesk.com) -Original Message- From: Sean Hamilton [s...@seanhamilton.co.uk] Received: Monday, 02 Dec 2013, 10:10pm To: users@cloudstack.apache.org [users@cloudstack.apache.org] Subject: Re: Improving SSVM performance Hey Simon, Is that done as the systemvm template is being uploaded, or can we edit it afterwards? Thanks, Sean On 28 November 2013 19:34, Simon Murphy simon.mur...@vifx.co.nz wrote: have you tried changing the default network adapter to vmxnet3? Sent from my Android phone using TouchDown (www.nitrodesk.comhttp://www.nitrodesk.com) -Original Message- From: Sean Hamilton [s...@seanhamilton.co.uk] Received: Friday, 29 Nov 2013, 4:10am To: users@cloudstack.apache.org [users@cloudstack.apache.org] Subject: Improving SSVM performance We run 4.2 with VMware hypervisor. We'd like to improve the SSVM performance, specifically when exporting and deploying templates. Does anyone have any guides on doing this at all? Thanks, Sean
SSVM showing alert status
Hi all, My SSVM is showing ALERT as its status. How can I troubleshoot this? Also, Any tips on how to log into the SSVM and CPVM? Thanks, Jake
RE: SSVM showing alert status
This might be helpful for you: https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSVM%2C+templates%2C+Secondary+storage+troubleshooting --Sanjay -Original Message- From: Jake G. [mailto:dj_dark_jungl...@yahoo.com] Sent: Monday, December 2, 2013 3:03 PM To: users@cloudstack.apache.org Subject: SSVM showing alert status Hi all, My SSVM is showing ALERT as its status. How can I troubleshoot this? Also, Any tips on how to log into the SSVM and CPVM? Thanks, Jake
Re: ACS 4.2 Error adding S3/Ceph secondary storage
Hi, Just to confirm, has this been resolved in the 4.2.1 release as expected? Best regards *Graeme Lambert* On 18/11/13 18:05, Min Chen wrote: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Migration+of+NFS+Sec ondary+Storage+to+Object+Store
Re: SSVM showing alert status
On 02-Dec-2013, at 3:27 pm, Jake G. dj_dark_jungl...@yahoo.com wrote: Thanks! I read that but I am unable to log in to the server. Port 3922 Connection Refused. Jake, SSVM are stateless. You can destroy them and CloudStack will create a new one in its place. Alternatively, you could try and debug the issue further by attaching a console to it. Regards. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Reg: Get Vm-Password Decrpty
Hi, I am used getvmpassword api () and followed below steps to decrpyt the password of vms. Binarytext file is empty while i ran command openssl enc -in ciphertext -out binarytext -d -a. Any one please suggest this syntax is correct. https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34014652 Note: - i have my encrypted password to ciphertext and try to generate binarytext. Regards, Prakash.M
Re: Reg: Get Vm-Password Decrpty
Hi, anyone face this issue. Hi, I am used getvmpassword api () and followed below steps to decrpyt the password of vms. Binarytext file is empty while i ran command openssl enc -in ciphertext -out binarytext -d -a. Any one please suggest this syntax is correct. https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=34014652 Note: - i have my encrypted password to ciphertext and try to generate binarytext. Regards, Prakash.M
Global Settings: host and System VM's
Hi, We have setup a private cloud with multiple Cloudstack nodes. It is fairly easy to load-balance webui and API queries, but, I've recently discovered that SystemVM's have a static route to a cloudstack node ( the first one we put in place). Also their is a Global Setttings host which contain the IP of our initial cloudstack node. Do we have to change this host config to a load-balanced IP for the system API call on TCP:8250 ? Also, is their existing documentation on how to use the secure port instead which would be tcp:3922 ? Thanks, Pierre-Luc Dion Architecte de Solution Cloud | Cloud Solutions Architect 514-447-3456, 1101 - - - *CloudOps*420 rue Guy Montréal QC H3J 1S6 www.cloudops.com @CloudOps_
Re: Install Cloudstack with Chef
Isn't interesting to go get a coffee while the automated stuff do the work? this way, what's the matter on having to wait 15 mins to get Cloudstack up and ready ? Or tea for those British :-P haha, The main idea is not to get cloudstack installed in mater of second, for this snapshot are best suited. But is to have a single installation method valid for multiple versions of cloudstack and for prod, dev and test environments. I wouldn't say those cookbooks are their yet, but close... I guest it is the same objective with Ansible scripts as well. Pierre-Luc Dion Architecte de Solution Cloud | Cloud Solutions Architect 514-447-3456, 1101 - - - *CloudOps*420 rue Guy Montréal QC H3J 1S6 www.cloudops.com @CloudOps_ On Sun, Dec 1, 2013 at 3:15 AM, Geoff Higginbottom geoff.higginbot...@shapeblue.com wrote: Ha Ha Dave, Being British, a cup of tea is an institution and some things are simply best done by hand. Regards Geoff Higginbottom CTO / Cloud Architect D: +44 20 3603 0542tel:+442036030542 | S: +44 20 3603 0540tel: +442036030540 | M: +447968161581tel:+447968161581 geoff.higginbot...@shapeblue.commailto:geoff.higginbot...@shapeblue.com | www.shapeblue.com ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS On 30 Nov 2013, at 21:37, Dave Dunaway dave.duna...@gmail.commailto: dave.duna...@gmail.com wrote: Come on Geoff! You have to automate putting the kettle on as well as part of any scripts! :) On Sat, Nov 30, 2013 at 4:32 AM, Geoff Higginbottom geoff.higginbot...@shapeblue.commailto:geoff.higginbot...@shapeblue.com wrote: We a few automated installation procedures (bash scripts, Ansible etc) and the install on a clean CentOS / RHEL VM does take a certain amount of time as there are lots if dependencies which need to be downloaded and installed etc. The biggest time consuming element is the decompressing of the System VM template, this is the main cause of the 15min timeline. Actual keyboard time is circa 5 Secs to simply execute the installation process, then put the kettle on, and 15mins later you have a working cloud. Regards Geoff Higginbottom CTO / Cloud Architect D: +44 20 3603 0542tel:+442036030542 | S: +44 20 3603 0540tel: +442036030540 | M: +447968161581tel:+447968161581 geoff.higginbot...@shapeblue.commailto:geoff.higginbot...@shapeblue.com mailto:geoff.higginbot...@shapeblue.com | www.shapeblue.comhttp://www.shapeblue.com ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS On 30 Nov 2013, at 08:55, sebgoa run...@gmail.commailto: run...@gmail.commailto: run...@gmail.commailto:run...@gmail.com wrote: On Nov 30, 2013, at 1:49 AM, Nux! n...@li.nux.romailto:n...@li.nux.ro mailto:n...@li.nux.ro wrote: On 29.11.2013 20:10, Sebastien Goasguen wrote: Terrific Pierre-Luc, thanks a lot. For those not in Amsterdam last week , pierre-luc used those cookbooks to install cloudstack in 15 minutes chrono :) live! 15 minutes seems like a long time for something automated, I'm pretty sure I can install it under 15 minutes following the runbook[1]. including downloading the systemVMs ? etc I should had that this was actually installing cloudstack in a cloud. From a laptop in Amsterdam to a cloud in Montreal. But let's improve those recipes and cut the time down to 2 minutes, game on !!! [1] - https://people.apache.org/~ke4qqq/runbook/ -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.rohttp://www.nux.rohttp://www.nux.ro This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated
RE: Global Settings: host and System VM's
Pierre-Luc, You are correct in your assumption that the 'host' global setting needs to be changed to the LB VIP for 8250 traffic, then you need to restart the management service, then stop and start each System VM so they load the new settings - do not simply re-start the System VMs, they will not load the new Global Setting Regards Geoff Higginbottom D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 geoff.higginbot...@shapeblue.com -Original Message- From: Pierre-Luc Dion [mailto:pd...@cloudops.com] Sent: 02 December 2013 15:50 To: users@cloudstack.apache.org Subject: Global Settings: host and System VM's Hi, We have setup a private cloud with multiple Cloudstack nodes. It is fairly easy to load-balance webui and API queries, but, I've recently discovered that SystemVM's have a static route to a cloudstack node ( the first one we put in place). Also their is a Global Setttings host which contain the IP of our initial cloudstack node. Do we have to change this host config to a load-balanced IP for the system API call on TCP:8250 ? Also, is their existing documentation on how to use the secure port instead which would be tcp:3922 ? Thanks, Pierre-Luc Dion Architecte de Solution Cloud | Cloud Solutions Architect 514-447-3456, 1101 - - - *CloudOps*420 rue Guy Montréal QC H3J 1S6 www.cloudops.com @CloudOps_ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Cloudstack with OpenContrail plugin
I am planning to work on integration testing. (4.4 + Contrail) Still digging on how and where to get started. Will post update once I get started. .. Parth On 11/28/13, 9:40 AM, Daan Hoogland daan.hoogl...@gmail.com wrote: H, I think integration is still underway as the contrail maven project does not contain a spring context file yet. If you want to see what the state is you'll have to hack it in. On Thu, Nov 28, 2013 at 4:19 PM, tawfiq zidi tawfiq.z...@gmail.com wrote: Hi, Does Anyone Tested Juniper Contrail Plugin ? On Wed, Nov 27, 2013 at 5:02 PM, tawfiq zidi tawfiq.z...@gmail.com wrote: HI, I've recently deployed CloudStack 4.4-SNAPSHOT with XenServer 6.2. I'm looking for testing OpenContrail Plugins , But i've didn't found Contrail plugin under Server Provider Networking Tab . Can anyone describe the steps to integrate OpenContrail Plugin ? Thank you.
idmpad.conf
Hi, I was wondering if you can help me, I am currently trying to set up a private cloud using Apache Cloudstack. In the documentation it says to edit the idmpad.conf and remove the comment and replace with your domain name of your company. I am setting up a test private cloud within my house so haven't a domain name can I leave this blank or? Any help would be greatly appreciated Many thanks in advance James
VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Hello, I need support in an issue that i am facing, I have installed cloudstack in advanced mode, my VM's on cloudstack hosts not communicating to the internet, from the virtual router can not ping the gateway, however from the gateway can ping the system vm's and they are all tagged. Environment is as follows:1) Management Network / Pod is 192.168.1.0/24 Vlan 20 and the MS server Hyper visor ports are set to trunk all vlan, their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server 6.2 (open vswitch mode) Port forward is working fine and can access the vm's from outside networks, however can not access internet from vm's, logged in to the system virtual router and can not ping gateway. And verified the vlan's functionality with different physical virtual environments. Could anyone please help? Thanks in advance. Amin Samir
Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Have you configured the Igress and Outgress of firewall rules? 2013/12/3 Amin Samir aminsamira...@hotmail.com Hello, I need support in an issue that i am facing, I have installed cloudstack in advanced mode, my VM's on cloudstack hosts not communicating to the internet, from the virtual router can not ping the gateway, however from the gateway can ping the system vm's and they are all tagged. Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 20 and the MS server Hyper visor ports are set to trunk all vlan, their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server 6.2 (open vswitch mode) Port forward is working fine and can access the vm's from outside networks, however can not access internet from vm's, logged in to the system virtual router and can not ping gateway. And verified the vlan's functionality with different physical virtual environments. Could anyone please help? Thanks in advance. Amin Samir
RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Thanks for your fast reply Do I have to isn't the default outgoing traffic allowed from VM's? the only thing that is denied is incoming rules which i configured to allow 22 for my port forward rules. Date: Tue, 3 Dec 2013 10:33:50 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org Have you configured the Igress and Outgress of firewall rules? 2013/12/3 Amin Samir aminsamira...@hotmail.com Hello, I need support in an issue that i am facing, I have installed cloudstack in advanced mode, my VM's on cloudstack hosts not communicating to the internet, from the virtual router can not ping the gateway, however from the gateway can ping the system vm's and they are all tagged. Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 20 and the MS server Hyper visor ports are set to trunk all vlan, their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server 6.2 (open vswitch mode) Port forward is working fine and can access the vm's from outside networks, however can not access internet from vm's, logged in to the system virtual router and can not ping gateway. And verified the vlan's functionality with different physical virtual environments. Could anyone please help? Thanks in advance. Amin Samir
RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
I had, allowed any, and still, when logging to the router from the xen center, can not ping my gateway, iptables shows outgoing allow source any to destination any, however another vm on the same vlan and same host (hypervisor) can ping my gateway. Any other suggestions? Date: Tue, 3 Dec 2013 10:51:38 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org YOU need to configure outgress rules if your VR want to access the Internet. 2013/12/3 Amin Samir aminsamira...@hotmail.com Thanks for your fast reply Do I have to isn't the default outgoing traffic allowed from VM's? the only thing that is denied is incoming rules which i configured to allow 22 for my port forward rules. Date: Tue, 3 Dec 2013 10:33:50 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org Have you configured the Igress and Outgress of firewall rules? 2013/12/3 Amin Samir aminsamira...@hotmail.com Hello, I need support in an issue that i am facing, I have installed cloudstack in advanced mode, my VM's on cloudstack hosts not communicating to the internet, from the virtual router can not ping the gateway, however from the gateway can ping the system vm's and they are all tagged. Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 20 and the MS server Hyper visor ports are set to trunk all vlan, their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server 6.2 (open vswitch mode) Port forward is working fine and can access the vm's from outside networks, however can not access internet from vm's, logged in to the system virtual router and can not ping gateway. And verified the vlan's functionality with different physical virtual environments. Could anyone please help? Thanks in advance. Amin Samir
RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Hi but i did not select security groups in the zone wizard, how can i do this now or do i have to recreate the zone? I found issue with no resolution exactly similar to what is happening.http://mail-archives.apache.org/mod_mbox/cloudstack-users/201310.mbox/%3c1382640326.52696ac6e7...@webmail.manske.org%3E Date: Tue, 3 Dec 2013 11:29:55 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org Cloudstack 4.2 is a bit different from 4.0.I have met your problem before.You need not only configure firewall rules but also security group about egress. 2013/12/3 Amin Samir aminsamira...@hotmail.com I had, allowed any, and still, when logging to the router from the xen center, can not ping my gateway, iptables shows outgoing allow source any to destination any, however another vm on the same vlan and same host (hypervisor) can ping my gateway. Any other suggestions? Date: Tue, 3 Dec 2013 10:51:38 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org YOU need to configure outgress rules if your VR want to access the Internet. 2013/12/3 Amin Samir aminsamira...@hotmail.com Thanks for your fast reply Do I have to isn't the default outgoing traffic allowed from VM's? the only thing that is denied is incoming rules which i configured to allow 22 for my port forward rules. Date: Tue, 3 Dec 2013 10:33:50 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org Have you configured the Igress and Outgress of firewall rules? 2013/12/3 Amin Samir aminsamira...@hotmail.com Hello, I need support in an issue that i am facing, I have installed cloudstack in advanced mode, my VM's on cloudstack hosts not communicating to the internet, from the virtual router can not ping the gateway, however from the gateway can ping the system vm's and they are all tagged. Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 20 and the MS server Hyper visor ports are set to trunk all vlan, their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server 6.2 (open vswitch mode) Port forward is working fine and can access the vm's from outside networks, however can not access internet from vm's, logged in to the system virtual router and can not ping gateway. And verified the vlan's functionality with different physical virtual environments. Could anyone please help? Thanks in advance. Amin Samir
Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Amin; 1. It sound to me you have networking issue. Can you try to bring a VM and place it on the same vLAN and check if you are able to ping outside and get internet? 2. You will also need to set 0.0.0.0/0 on egress rule for that network in order to get internet. On Mon, Dec 2, 2013 at 10:34 PM, Amin Samir aminsamira...@hotmail.comwrote: Hi but i did not select security groups in the zone wizard, how can i do this now or do i have to recreate the zone? I found issue with no resolution exactly similar to what is happening. http://mail-archives.apache.org/mod_mbox/cloudstack-users/201310.mbox/%3c1382640326.52696ac6e7...@webmail.manske.org%3E Date: Tue, 3 Dec 2013 11:29:55 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org Cloudstack 4.2 is a bit different from 4.0.I have met your problem before.You need not only configure firewall rules but also security group about egress. 2013/12/3 Amin Samir aminsamira...@hotmail.com I had, allowed any, and still, when logging to the router from the xen center, can not ping my gateway, iptables shows outgoing allow source any to destination any, however another vm on the same vlan and same host (hypervisor) can ping my gateway. Any other suggestions? Date: Tue, 3 Dec 2013 10:51:38 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org YOU need to configure outgress rules if your VR want to access the Internet. 2013/12/3 Amin Samir aminsamira...@hotmail.com Thanks for your fast reply Do I have to isn't the default outgoing traffic allowed from VM's? the only thing that is denied is incoming rules which i configured to allow 22 for my port forward rules. Date: Tue, 3 Dec 2013 10:33:50 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org Have you configured the Igress and Outgress of firewall rules? 2013/12/3 Amin Samir aminsamira...@hotmail.com Hello, I need support in an issue that i am facing, I have installed cloudstack in advanced mode, my VM's on cloudstack hosts not communicating to the internet, from the virtual router can not ping the gateway, however from the gateway can ping the system vm's and they are all tagged. Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 20 and the MS server Hyper visor ports are set to trunk all vlan, their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server 6.2 (open vswitch mode) Port forward is working fine and can access the vm's from outside networks, however can not access internet from vm's, logged in to the system virtual router and can not ping gateway. And verified the vlan's functionality with different physical virtual environments. Could anyone please help? Thanks in advance. Amin Samir
Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Hi, From the router the gateway should be reachable if not there is networking issue in your setup. Can you please check your VLAN related configuration. Thanks, Jayapal On 03-Dec-2013, at 8:44 AM, Amin Samir aminsamira...@hotmail.com wrote: I had, allowed any, and still, when logging to the router from the xen center, can not ping my gateway, iptables shows outgoing allow source any to destination any, however another vm on the same vlan and same host (hypervisor) can ping my gateway. Any other suggestions? Date: Tue, 3 Dec 2013 10:51:38 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org YOU need to configure outgress rules if your VR want to access the Internet. 2013/12/3 Amin Samir aminsamira...@hotmail.com Thanks for your fast reply Do I have to isn't the default outgoing traffic allowed from VM's? the only thing that is denied is incoming rules which i configured to allow 22 for my port forward rules. Date: Tue, 3 Dec 2013 10:33:50 +0800 Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) From: dj199...@gmail.com To: users@cloudstack.apache.org Have you configured the Igress and Outgress of firewall rules? 2013/12/3 Amin Samir aminsamira...@hotmail.com Hello, I need support in an issue that i am facing, I have installed cloudstack in advanced mode, my VM's on cloudstack hosts not communicating to the internet, from the virtual router can not ping the gateway, however from the gateway can ping the system vm's and they are all tagged. Environment is as follows:1) Management Network / Pod is 192.168.1.0/24Vlan 20 and the MS server Hyper visor ports are set to trunk all vlan, their native / untagged vlan is 20.2) Guests vlan ranges 200-1200 and subnet 10.1.1.0/243) Public network is 10.0.0.0/5 tagged vlan 50 (not real IP's)4) Management Server is Ubuntu 12, Cloudstack is 4.2, Xen Server 6.2 (open vswitch mode) Port forward is working fine and can access the vm's from outside networks, however can not access internet from vm's, logged in to the system virtual router and can not ping gateway. And verified the vlan's functionality with different physical virtual environments. Could anyone please help? Thanks in advance. Amin Samir
Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Comments inline. On 03-Dec-2013, at 9:24 am, Adam Kamali adam@gmail.commailto:adam@gmail.com wrote: Amin; 1. It sound to me you have networking issue. Can you try to bring a VM and place it on the same vLAN and check if you are able to ping outside and get internet? Certainly sounds like a networking issue. Also, one can bring up a tagged interface directly only the hypervisor to check if the switch configuration is working correctly. For example, I just do this on 2 hosts and run pings between them to isolate the issue on KVM hosts: # host1 vconfig add eth0 64 ifconfig eth0.64 1.2.3.4 netmask 255.255.255.0 up ping 1.2.3.5 # host2 vconfig add eth0 64 ifconfig eth0.64 1.2.3.5 netmask 255.255.255.0 up ping 1.2.3.4 Then run tcpdump all over the place to check who is gobbling up the packets. :) 2. You will also need to set 0.0.0.0/0http://0.0.0.0/0 on egress rule for that network in order to get internet. In a test that I just ran on a brand new isolated network: - The VR itself is able to ping a public IP without any Egress rule being in place. Unless I am mistaken, the Egress rules do not control traffic originating from the VR itself but only “forwarded” traffic. - Instance could ping a public IP only after adding an Egress rule - The public IP of the VR was pingable only after adding an ingress rule. YMMV. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.commailto:shanker.ba...@shapeblue.com | www.shapeblue.comhttp://www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Hi, Router reach public gateway/internet without egress rule. Thanks, Jayapal On 03-Dec-2013, at 10:35 AM, Shanker Balan shanker.ba...@shapeblue.com wrote: Comments inline. On 03-Dec-2013, at 9:24 am, Adam Kamali adam@gmail.commailto:adam@gmail.com wrote: Amin; 1. It sound to me you have networking issue. Can you try to bring a VM and place it on the same vLAN and check if you are able to ping outside and get internet? Certainly sounds like a networking issue. Also, one can bring up a tagged interface directly only the hypervisor to check if the switch configuration is working correctly. For example, I just do this on 2 hosts and run pings between them to isolate the issue on KVM hosts: # host1 vconfig add eth0 64 ifconfig eth0.64 1.2.3.4 netmask 255.255.255.0 up ping 1.2.3.5 # host2 vconfig add eth0 64 ifconfig eth0.64 1.2.3.5 netmask 255.255.255.0 up ping 1.2.3.4 Then run tcpdump all over the place to check who is gobbling up the packets. :) 2. You will also need to set 0.0.0.0/0http://0.0.0.0/0 on egress rule for that network in order to get internet. In a test that I just ran on a brand new isolated network: - The VR itself is able to ping a public IP without any Egress rule being in place. Unless I am mistaken, the Egress rules do not control traffic originating from the VR itself but only “forwarded” traffic. - Instance could ping a public IP only after adding an Egress rule - The public IP of the VR was pingable only after adding an ingress rule. YMMV. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.commailto:shanker.ba...@shapeblue.com | www.shapeblue.comhttp://www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
On 03-Dec-2013, at 10:41 am, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com wrote: Hi, Router reach public gateway/internet without egress rule. If only adding a egress rule would fix all networking issues. :) snip a lot -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Isolated Network with no Services
HTH http://blog.remibergsma.com/2012/03/10/howto-create-a-network-in-cloudstack-without-a-virtual-router/ From: Simon Murphy simon.mur...@vifx.co.nzmailto:simon.mur...@vifx.co.nz Reply-To: d...@cloudstack.apache.orgmailto:d...@cloudstack.apache.org d...@cloudstack.apache.orgmailto:d...@cloudstack.apache.org Date: Tuesday, 3 December 2013 8:15 AM To: users@cloudstack.apache.orgmailto:users@cloudstack.apache.org users@cloudstack.apache.orgmailto:users@cloudstack.apache.org, d...@cloudstack.apache.orgmailto:d...@cloudstack.apache.org d...@cloudstack.apache.orgmailto:d...@cloudstack.apache.org Subject: Isolated Network with no Services Is it possible to configure a network offering for an isolated network that has no services? I would like to give the customer the option to create a network that is totally isolated (no L3 connectivity) so that they can bring their own software router/firewall. The isolated network would be connected to other networks via the customers virtual router. I can create the network offering however it is not listed as an available service when I try to create the network. Cheers, Simon Simon Murphy Solutions Architect ViFX | Cloud Infrastructure Level 7, 57 Fort Street, Auckland, New Zealand 1010 PO Box 106700, Auckland, New Zealand 1143 M +64 21 285 4519 | S simon_a_murphy www.vifx.co.nzhttp://www.vifx.co.nz/ follow us on twitterhttps://twitter.com/ViFX Auckland | Wellington | Christchurch [cid:image003.jpg@01CDDF95.815BF160] experience. expertise. execution. This email and any files transmitted with it are confidential, without prejudice and may contain information that is subject to legal privilege. It is intended solely for the use of the individual/s to whom it is addressed in accordance with the provisions of the Privacy Act (1993). The content contained in this email does not, necessarily, reflect the official policy position of ViFX nor does ViFX have any responsibility for any alterations to the contents of this email that may occur following transmission. If you are not the addressee it may be unlawful for you to read, copy, distribute, disclose or otherwise use the information contained within this email. If you are not the intended recipient, please notify the sender prior to deleting this email message from your system. Please note ViFX reserves the right to monitor, from time to time, the communications sent to and from its email network.
RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Hello, I'd like to thank you all for your support, it turned out it switch port issue, I will reconfigure the switch port security and it should work. Thanks Amin. From: shanker.ba...@shapeblue.com To: users@cloudstack.apache.org Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) Date: Tue, 3 Dec 2013 05:20:35 + On 03-Dec-2013, at 10:41 am, Jayapal Reddy Uradi jayapalreddy.ur...@citrix.com wrote: Hi, Router reach public gateway/internet without egress rule. If only adding a egress rule would fix all networking issues. :) snip a lot -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
On 03-Dec-2013, at 11:44 am, Amin Samir aminsamira...@hotmail.com wrote: Hello, I'd like to thank you all for your support, it turned out it switch port issue, I will reconfigure the switch port security and it should work. I was inspired to make a blog post about it. http://shankerbalan.net/blog/internet-not-working-on-cloudstack-vms/ Hth. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
RE: VM's on cloudstack hosts not communicating to the internet (advanced networking mode)
Thanks Shanker, really appreciate all your support guys. Amin From: shanker.ba...@shapeblue.com To: users@cloudstack.apache.org Subject: Re: VM's on cloudstack hosts not communicating to the internet (advanced networking mode) Date: Tue, 3 Dec 2013 06:37:12 + On 03-Dec-2013, at 11:44 am, Amin Samir aminsamira...@hotmail.com wrote: Hello, I'd like to thank you all for your support, it turned out it switch port issue, I will reconfigure the switch port security and it should work. I was inspired to make a blog post about it. http://shankerbalan.net/blog/internet-not-working-on-cloudstack-vms/ Hth. -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: SSVM showing alert status
I finally figured out how to login. Thanks for the hint that I needed to be on the host where the SSVM is located. That said, I get the error no matter which host the SSVM is on and the alert status does not go away after recreating the SSVM. Result of ssvm-check.sh *No errors found First DNS server is 69.55.167.1 PING 69.55.167.1 (69.55.167.1): 56 data bytes 64 bytes from 69.55.167.1: icmp_seq=0 ttl=62 time=2.911 ms 64 bytes from 69.55.167.1: icmp_seq=1 ttl=62 time=1.426 ms --- 69.55.167.1 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.426/2.168/2.911/0.743 ms Good: Can ping DNS server Good: DNS resolves download.cloud.com NFS is currently mounted Mount point is /mnt/SecStorage/4349cbdb-573e-37bb-aa77-ec51eb5ee400 Good: Can write to mount point Mount point is /mnt/SecStorage/252fb5ca-7f32-3da7-af4c-7b8d2f6baab9 Good: Can write to mount point Management server is 10.3.4.50. Checking connectivity. Good: Can connect to management server port 8250 Good: Java process is running Tests Complete. Look for ERROR or WARNING above. On Monday, December 2, 2013 10:07 PM, Shashi Dahal s.da...@leaseweb.com wrote: Hi, Even if you recreate and it shows alert, then you need to first find out the hypervisor where its running, and connect to it locally using the Link Local IP Address shown in the management interface. It is in the format 169.254.x.x Login to the hypervisor as root # ssh -i /root/.ssh/.id_rsa.cloud -p 3922 root@169.254.x.x It's a standard Debian template. Some commands: To check the systemVM version: cat /etc/cloudstack-release To do a basic troubleshooting: /usr/local/cloud/systemvm/ssvm-check.sh You can apt-get install package to install tools to troubleshoot, but when you re-create the systemVM, these packages will be lost. Alert state could be due to networking, or disk-space being full ( logs ) or something went corrupt and the file-system went to read-only mode. All systemVM are safe to be destroyed and they will get re-created again. Cheers, Shashi -Original Message- From: Jake G. [mailto:dj_dark_jungl...@yahoo.com] Sent: maandag, 02 december, 2013 10:33 To: users@cloudstack.apache.org Subject: SSVM showing alert status Hi all, My SSVM is showing ALERT as its status. How can I troubleshoot this? Also, Any tips on how to log into the SSVM and CPVM? Thanks, Jake
