CloudStack Collab MTL - Day 1 - #ccc2016mtl
Hi all, #ccc2016mtl is off to great start! We had a productive round table discussion this afternoon. You can find the notes from the discussion here [1] and the recording of the session will be posted soon. Tomorrow's talks will be live streamed and recorded. You can watch them here: http://ca.cloudstackcollab.org/#stream. The agenda for the stream can be find in the schedule: http://ca.cloudstackcollab.org/#schedule. Please note that the times in the schedule are for the EDT timezone. If you have any questions for the speakers, please post them in the #ccc2016mtl CloudStack Slack channel [2] or on Twitter with #ccc2016mtl [3]. See you tomorrow! [1] https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+Collaboration+Conference%3A+Montreal+2016 [2] https://apachecloudstack.slack.com/messages/ccc2016mtl/ [3] https://twitter.com/search?q=%23ccc2016mtl
Re: FW: Password reset, not work after adding new Guest IP Class
Thanks for the logs Cristian, You just forgot to include the : /var/log/cloud.log available on the VR... ;) Also, quite Interesting to see that your VM can communicate with ACS correctly... Can you try to reproduce it again but this time with the default VM ( ie: CentOS 5.6... ) Just want to see if it's going to behave the same way with the default template... if it work, that will means something is wrong with your VM template or something is wrong in your cloud-init configuration Marcus On 2016-06-01 4:43 PM, Cristian Ciobanu wrote: Hi Marcus, I just reproduced this error, by removing an old VM (with and IP from previous class ) also exported the last part from log : VR LOG : hxxp://pastebin.com/TH8CcEL6 Very interesting is what I saw on VM : VM LOG : hxxp://pastebin.com/dn6Du4ci ( in order to grab this part of the log I was able to login with default VM password which was set before when I created this template ) Thank you ! Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Wednesday, June 1, 2016 8:00 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class when your condition happen, is there any errors in the /var/log/cloud.log of your VR ? Marcus On 2016-06-01 12:21 PM, Cristian Ciobanu wrote: Hi Marcus, Ok, please see, i also attached screenshots. 1. Yes, i'm using CloudStack 4.5.2 with Vmware 5.5 update3 2. vCenter version : hxxp://imgur.com/tcjY4kS 3. Host version : hxxp://imgur.com/ZIDKqWe 4. 2X NIC/hypervisor : hxxp://imgur.com/UefelGO 5.How many vm per hosts: 5-7 : hxxp://imgur.com/ZIDKqWe 6. How many vswitch port ? : 120 (looks like i forgot to change ) : hxxp://imgur.com/m3CPdSb 7. Networking setup : hxxp://imgur.com/UefelGO 8. I use only vswitch: hxxp://imgur.com/LJTx2gD 9. VR version : 4.5.2 10. Can you try to delete / expunge the VR and let the system re-create it ? : like i said before i do reboot or delete, when a new vm are deployd from another class ( from X to Y to Z, etc and viceversa ) 11. On your VM : can you check which cloud-init version you're running ? ( could it be related ? : i'm not sure if this can be related, i have about 7 OS Templates, Windows, Linux and i have the same issue for all. For Windows i use : cloudbaseinit 0.9 For Linux i use hxxps://github.com/HeinleinSupport/acs-template-scripts i also use hxxp://cloudstack-administration.readthedocs.io/en/4.8/templates.html# linux-os-installation for centos 6.7 Thank you !! Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Wednesday, June 1, 2016 5:07 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class Hey ! Ok, At this point, I will need a bit more info then... so far, looks like the public core router can see correctly both public ip range and route them correctly... You mention that you're using Cloustack 4.5.2 wuth Vmware 5.5 - vmware : which latest fix / patch level installed ? - approx : how many vm per hosts are you running - how many NIC per hypervsor ? ( bonding ? ) - how many vswitch port ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/ 4.6/hypervisor/vsphere.html#increasing-ports ) - can you send me a screenshot of your vsphere client // networking setup ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/ 4.6/hypervisor/vsphere.html#physical-host-networking ) - are you using any dvswitch or only vswitch ? if dvswitch, in ACS / Global settings : vmware.use.dvswitch is enable ? - on cloudstack : global settings / host : this IP is reachable internally ( RFC1918 - 10.x.x.x, 172.16.x.x, 192.168.x.x ) or externally ( public ip ) - - if public IP, any firewall or load balancer that could restraint or limit the access ?? - can you provide a quick networking layout on how you setup your network ? ( example: hxxp://imgur.com/wZdjoqN ) - VR version : log on the VR and do : cat /etc/cloudstack-release ( it shoud report 4.5 ) - VR version: latest VR in place ? ( http://cloudstack.apt-get.eu/systemvm/4.5/ ) - Can you try to delete / expunge the VR and let the system re-create it ? - on your VM : can you check which cloud-init version you're running ? ( could it be related ? : https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1440263 ) Marcus On 2016-05-31 4:21 PM, Cristian Ciobanu wrote: Hi Marcus, I the all requested tests, successfully, please see in provided images. IP to GW: hxxp://imgur.com/a/ON99N ( i also did ping on other GW not allocated on ACS) IP to IP: hxxp://imgur.com/a/uPlFr ( IP to
RE: FW: Password reset, not work after adding new Guest IP Class
Hi Marcus, I just reproduced this error, by removing an old VM (with and IP from previous class ) also exported the last part from log : VR LOG : hxxp://pastebin.com/TH8CcEL6 Very interesting is what I saw on VM : VM LOG : hxxp://pastebin.com/dn6Du4ci ( in order to grab this part of the log I was able to login with default VM password which was set before when I created this template ) Thank you ! Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Wednesday, June 1, 2016 8:00 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class when your condition happen, is there any errors in the /var/log/cloud.log of your VR ? Marcus On 2016-06-01 12:21 PM, Cristian Ciobanu wrote: > Hi Marcus, > > > Ok, please see, i also attached screenshots. > > 1. Yes, i'm using CloudStack 4.5.2 with Vmware 5.5 update3 > 2. vCenter version : hxxp://imgur.com/tcjY4kS > 3. Host version : hxxp://imgur.com/ZIDKqWe > 4. 2X NIC/hypervisor : hxxp://imgur.com/UefelGO > 5.How many vm per hosts: 5-7 : hxxp://imgur.com/ZIDKqWe > 6. How many vswitch port ? : 120 (looks like i forgot to change ) : > hxxp://imgur.com/m3CPdSb > 7. Networking setup : hxxp://imgur.com/UefelGO > 8. I use only vswitch: hxxp://imgur.com/LJTx2gD > 9. VR version : 4.5.2 > 10. Can you try to delete / expunge the VR and let the system > re-create it ? : like i said before i do reboot or delete, when a new vm > are deployd from another class ( from X to Y to Z, etc and viceversa ) > 11. On your VM : can you check which cloud-init version you're > running ? ( could it be related ? : i'm not sure if this can be related, i > have about 7 OS Templates, Windows, Linux and i have the same issue for all. > For Windows i use : cloudbaseinit 0.9 > For Linux i use > hxxps://github.com/HeinleinSupport/acs-template-scripts i also use > hxxp://cloudstack-administration.readthedocs.io/en/4.8/templates.html# > linux-os-installation for centos 6.7 > > Thank you !! > > Regards, > Cristian > > > > > > -Original Message- > From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] > Sent: Wednesday, June 1, 2016 5:07 PM > To: users@cloudstack.apache.org > Subject: Re: FW: Password reset, not work after adding new Guest IP > Class > > Hey ! > > Ok, At this point, I will need a bit more info then... so far, looks like the > public core router can see correctly both public ip range and route them > correctly... > > You mention that you're using Cloustack 4.5.2 wuth Vmware 5.5 >- vmware : which latest fix / patch level installed ? >- approx : how many vm per hosts are you running >- how many NIC per hypervsor ? ( bonding ? ) >- how many vswitch port ? ( > http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/ > 4.6/hypervisor/vsphere.html#increasing-ports > ) >- can you send me a screenshot of your vsphere client // networking > setup ? ( > http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/ > 4.6/hypervisor/vsphere.html#physical-host-networking > ) >- are you using any dvswitch or only vswitch ? if dvswitch, in ACS / > Global settings : vmware.use.dvswitch is enable ? >- on cloudstack : global settings / host : this IP is reachable internally > ( RFC1918 - 10.x.x.x, 172.16.x.x, 192.168.x.x ) or externally ( public ip ) >- - if public IP, any firewall or load balancer that could restraint or > limit the access ?? > - can you provide a quick networking layout on how you setup your > network ? ( example: hxxp://imgur.com/wZdjoqN ) > - VR version : log on the VR and do : cat /etc/cloudstack-release ( > it shoud report 4.5 ) > - VR version: latest VR in place ? ( > http://cloudstack.apt-get.eu/systemvm/4.5/ ) > - Can you try to delete / expunge the VR and let the system re-create it ? > - on your VM : can you check which cloud-init version you're running ? ( > could it be related ? : > https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1440263 ) > > Marcus > > On 2016-05-31 4:21 PM, Cristian Ciobanu wrote: >> Hi Marcus, >> >> I the all requested tests, successfully, please see in provided >> images. >> >> IP to GW: hxxp://imgur.com/a/ON99N ( i also did ping on other >> GW not allocated on ACS) >> >> IP to IP: hxxp://imgur.com/a/uPlFr ( IP to Linux VM's from >> ACS environment ) >> >> IP to DNS : hxxp://imgur.com/a/oWrAj >> >> >> Thanks for support! >> >> >> Regards, >> Cristian >> >> >> -Original Message- >> From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] >> Sent: Tuesday, May 31, 2016 6:19 PM >> To: users@cloudstack.apache.org >> Subject: Re: FW: Password reset, not work after adding new Guest
Re: FW: Password reset, not work after adding new Guest IP Class
when your condition happen, is there any errors in the /var/log/cloud.log of your VR ? Marcus On 2016-06-01 12:21 PM, Cristian Ciobanu wrote: Hi Marcus, Ok, please see, i also attached screenshots. 1. Yes, i'm using CloudStack 4.5.2 with Vmware 5.5 update3 2. vCenter version : hxxp://imgur.com/tcjY4kS 3. Host version : hxxp://imgur.com/ZIDKqWe 4. 2X NIC/hypervisor : hxxp://imgur.com/UefelGO 5.How many vm per hosts: 5-7 : hxxp://imgur.com/ZIDKqWe 6. How many vswitch port ? : 120 (looks like i forgot to change ) : hxxp://imgur.com/m3CPdSb 7. Networking setup : hxxp://imgur.com/UefelGO 8. I use only vswitch: hxxp://imgur.com/LJTx2gD 9. VR version : 4.5.2 10. Can you try to delete / expunge the VR and let the system re-create it ? : like i said before i do reboot or delete, when a new vm are deployd from another class ( from X to Y to Z, etc and viceversa ) 11. On your VM : can you check which cloud-init version you're running ? ( could it be related ? : i'm not sure if this can be related, i have about 7 OS Templates, Windows, Linux and i have the same issue for all. For Windows i use : cloudbaseinit 0.9 For Linux i use hxxps://github.com/HeinleinSupport/acs-template-scripts i also use hxxp://cloudstack-administration.readthedocs.io/en/4.8/templates.html#linux-os-installation for centos 6.7 Thank you !! Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Wednesday, June 1, 2016 5:07 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class Hey ! Ok, At this point, I will need a bit more info then... so far, looks like the public core router can see correctly both public ip range and route them correctly... You mention that you're using Cloustack 4.5.2 wuth Vmware 5.5 - vmware : which latest fix / patch level installed ? - approx : how many vm per hosts are you running - how many NIC per hypervsor ? ( bonding ? ) - how many vswitch port ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.6/hypervisor/vsphere.html#increasing-ports ) - can you send me a screenshot of your vsphere client // networking setup ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.6/hypervisor/vsphere.html#physical-host-networking ) - are you using any dvswitch or only vswitch ? if dvswitch, in ACS / Global settings : vmware.use.dvswitch is enable ? - on cloudstack : global settings / host : this IP is reachable internally ( RFC1918 - 10.x.x.x, 172.16.x.x, 192.168.x.x ) or externally ( public ip ) - - if public IP, any firewall or load balancer that could restraint or limit the access ?? - can you provide a quick networking layout on how you setup your network ? ( example: hxxp://imgur.com/wZdjoqN ) - VR version : log on the VR and do : cat /etc/cloudstack-release ( it shoud report 4.5 ) - VR version: latest VR in place ? ( http://cloudstack.apt-get.eu/systemvm/4.5/ ) - Can you try to delete / expunge the VR and let the system re-create it ? - on your VM : can you check which cloud-init version you're running ? ( could it be related ? : https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1440263 ) Marcus On 2016-05-31 4:21 PM, Cristian Ciobanu wrote: Hi Marcus, I the all requested tests, successfully, please see in provided images. IP to GW: hxxp://imgur.com/a/ON99N ( i also did ping on other GW not allocated on ACS) IP to IP: hxxp://imgur.com/a/uPlFr ( IP to Linux VM's from ACS environment ) IP to DNS : hxxp://imgur.com/a/oWrAj Thanks for support! Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Tuesday, May 31, 2016 6:19 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class Hey Cristian Can you go on the VR and try to run a ping from there ? procedure on VR: 1- update the ping util ( apt-get install iputils-ping ) 2- run a ping test with different source IP ( ping -I sourceIP DestIP ctrl-c to stop the ping ) - source IP : use the IP configured on the VR - destination IP : try to ping the gateway, an IP on the other range that should be reachable and not configured on the VR and another public IP... a-1) ping -I 159.X.X.X 167.X.X.X-GW a-2) ping -I 159.X.X.X 167.X.X.X-IP a-3) ping -I 159.X.X.X 8.8.8.8 b-1) ping -I 167.X.X.X 159.X.X.X-GW b-2) ping -I 167.X.X.X 159.X.X.X-IP b-3) ping -I 167.X.X.X 8.8.8.8 post me the result... 3- re-load the original ping util... ( apt-get install inetutils-ping - or destroy / re-create your VR... ) Normally, your core router should know about these two IP
RE: FW: Password reset, not work after adding new Guest IP Class
Hi Marcus, Ok, please see, i also attached screenshots. 1. Yes, i'm using CloudStack 4.5.2 with Vmware 5.5 update3 2. vCenter version : hxxp://imgur.com/tcjY4kS 3. Host version : hxxp://imgur.com/ZIDKqWe 4. 2X NIC/hypervisor : hxxp://imgur.com/UefelGO 5.How many vm per hosts: 5-7 : hxxp://imgur.com/ZIDKqWe 6. How many vswitch port ? : 120 (looks like i forgot to change ) : hxxp://imgur.com/m3CPdSb 7. Networking setup : hxxp://imgur.com/UefelGO 8. I use only vswitch: hxxp://imgur.com/LJTx2gD 9. VR version : 4.5.2 10. Can you try to delete / expunge the VR and let the system re-create it ? : like i said before i do reboot or delete, when a new vm are deployd from another class ( from X to Y to Z, etc and viceversa ) 11. On your VM : can you check which cloud-init version you're running ? ( could it be related ? : i'm not sure if this can be related, i have about 7 OS Templates, Windows, Linux and i have the same issue for all. For Windows i use : cloudbaseinit 0.9 For Linux i use hxxps://github.com/HeinleinSupport/acs-template-scripts i also use hxxp://cloudstack-administration.readthedocs.io/en/4.8/templates.html#linux-os-installation for centos 6.7 Thank you !! Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Wednesday, June 1, 2016 5:07 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class Hey ! Ok, At this point, I will need a bit more info then... so far, looks like the public core router can see correctly both public ip range and route them correctly... You mention that you're using Cloustack 4.5.2 wuth Vmware 5.5 - vmware : which latest fix / patch level installed ? - approx : how many vm per hosts are you running - how many NIC per hypervsor ? ( bonding ? ) - how many vswitch port ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.6/hypervisor/vsphere.html#increasing-ports ) - can you send me a screenshot of your vsphere client // networking setup ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.6/hypervisor/vsphere.html#physical-host-networking ) - are you using any dvswitch or only vswitch ? if dvswitch, in ACS / Global settings : vmware.use.dvswitch is enable ? - on cloudstack : global settings / host : this IP is reachable internally ( RFC1918 - 10.x.x.x, 172.16.x.x, 192.168.x.x ) or externally ( public ip ) - - if public IP, any firewall or load balancer that could restraint or limit the access ?? - can you provide a quick networking layout on how you setup your network ? ( example: hxxp://imgur.com/wZdjoqN ) - VR version : log on the VR and do : cat /etc/cloudstack-release ( it shoud report 4.5 ) - VR version: latest VR in place ? ( http://cloudstack.apt-get.eu/systemvm/4.5/ ) - Can you try to delete / expunge the VR and let the system re-create it ? - on your VM : can you check which cloud-init version you're running ? ( could it be related ? : https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1440263 ) Marcus On 2016-05-31 4:21 PM, Cristian Ciobanu wrote: > Hi Marcus, > >I the all requested tests, successfully, please see in provided images. > >IP to GW: hxxp://imgur.com/a/ON99N ( i also did ping on other > GW not allocated on ACS) > >IP to IP: hxxp://imgur.com/a/uPlFr ( IP to Linux VM's from ACS > environment ) > >IP to DNS : hxxp://imgur.com/a/oWrAj > > > Thanks for support! > > > Regards, > Cristian > > > -Original Message- > From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] > Sent: Tuesday, May 31, 2016 6:19 PM > To: users@cloudstack.apache.org > Subject: Re: FW: Password reset, not work after adding new Guest IP > Class > > Hey Cristian > > Can you go on the VR and try to run a ping from there ? > > procedure on VR: > > 1- update the ping util ( apt-get install iputils-ping ) > > 2- run a ping test with different source IP ( ping -I sourceIP DestIP > ctrl-c to stop the ping ) > > - source IP : use the IP configured on the VR > > - destination IP : try to ping the gateway, an IP on the other range that > should be reachable and not configured on the VR and another public IP... > > a-1) ping -I 159.X.X.X 167.X.X.X-GW > > a-2) ping -I 159.X.X.X 167.X.X.X-IP > > a-3) ping -I 159.X.X.X 8.8.8.8 > > b-1) ping -I 167.X.X.X 159.X.X.X-GW > > b-2) ping -I 167.X.X.X 159.X.X.X-IP > > b-3) ping -I 167.X.X.X 8.8.8.8 > > post me the result... > > 3- re-load the original ping util... ( apt-get install inetutils-ping > - or destroy / re-create your VR... ) > > Normally, your core router should know about these two IP ranges, if so, you > can just force the core router to route one IP range to the other range and >
Re: SITE TO SITE VPN ERROR IN OUR ENVIRONMENT with CLOUDSTACK-4.3.1 AND XENSERVER 6.2
Hi Venkat, You can also check on your VPC if there's any IPSEC negociation errors there... log on your VPC and check in : /var/log/cloud.log /var/log/daemon.log Marcus On 2016-06-01 9:45 AM, Timothy Lothering wrote: Hi Venkat, IPSEC VPN is established with the VPC (in your case the /16). Your Tier (/24) is in this supernet, so you should be able to route to it once the tunnel is up. Make sure to specify the supernet (/16) on the remote VPN appliance as the destination. -Original Message- From: Venkat Boggarapu [mailto:venka...@axiomio.com] Sent: Wednesday, 01 June 2016 2:50 PM To: users@cloudstack.apache.org Subject: SITE TO SITE VPN ERROR IN OUR ENVIRONMENT with CLOUDSTACK-4.3.1 AND XENSERVER 6.2 Hi Team, In our environment we are using cloudstack-4.3.1 and xenserver 6.2 We have created VPC router with SUPER-CIDR value as X.X.X.X/16. After creating VPC router, created a new TIER with X.X.X.X/24 with the same network, gateway. Finally we are unable to configure the IPSEC with the X.X.X.X/24, but we have successful configured IPSEC with X.X.X.X/16. Please help me guys, I was wonder why it's working with SUPER-CDIR (X.X.X.X/16) with IPSEC. Thanks, Venkat Boggarapu
Re: FW: Password reset, not work after adding new Guest IP Class
Hey ! Ok, At this point, I will need a bit more info then... so far, looks like the public core router can see correctly both public ip range and route them correctly... You mention that you're using Cloustack 4.5.2 wuth Vmware 5.5 - vmware : which latest fix / patch level installed ? - approx : how many vm per hosts are you running - how many NIC per hypervsor ? ( bonding ? ) - how many vswitch port ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.6/hypervisor/vsphere.html#increasing-ports ) - can you send me a screenshot of your vsphere client // networking setup ? ( http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.6/hypervisor/vsphere.html#physical-host-networking ) - are you using any dvswitch or only vswitch ? if dvswitch, in ACS / Global settings : vmware.use.dvswitch is enable ? - on cloudstack : global settings / host : this IP is reachable internally ( RFC1918 - 10.x.x.x, 172.16.x.x, 192.168.x.x ) or externally ( public ip ) - - if public IP, any firewall or load balancer that could restraint or limit the access ?? - can you provide a quick networking layout on how you setup your network ? ( example: hxxp://imgur.com/wZdjoqN ) - VR version : log on the VR and do : cat /etc/cloudstack-release ( it shoud report 4.5 ) - VR version: latest VR in place ? ( http://cloudstack.apt-get.eu/systemvm/4.5/ ) - Can you try to delete / expunge the VR and let the system re-create it ? - on your VM : can you check which cloud-init version you're running ? ( could it be related ? : https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1440263 ) Marcus On 2016-05-31 4:21 PM, Cristian Ciobanu wrote: Hi Marcus, I the all requested tests, successfully, please see in provided images. IP to GW: hxxp://imgur.com/a/ON99N ( i also did ping on other GW not allocated on ACS) IP to IP: hxxp://imgur.com/a/uPlFr ( IP to Linux VM's from ACS environment ) IP to DNS : hxxp://imgur.com/a/oWrAj Thanks for support! Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Tuesday, May 31, 2016 6:19 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class Hey Cristian Can you go on the VR and try to run a ping from there ? procedure on VR: 1- update the ping util ( apt-get install iputils-ping ) 2- run a ping test with different source IP ( ping -I sourceIP DestIP ctrl-c to stop the ping ) - source IP : use the IP configured on the VR - destination IP : try to ping the gateway, an IP on the other range that should be reachable and not configured on the VR and another public IP... a-1) ping -I 159.X.X.X 167.X.X.X-GW a-2) ping -I 159.X.X.X 167.X.X.X-IP a-3) ping -I 159.X.X.X 8.8.8.8 b-1) ping -I 167.X.X.X 159.X.X.X-GW b-2) ping -I 167.X.X.X 159.X.X.X-IP b-3) ping -I 167.X.X.X 8.8.8.8 post me the result... 3- re-load the original ping util... ( apt-get install inetutils-ping - or destroy / re-create your VR... ) Normally, your core router should know about these two IP ranges, if so, you can just force the core router to route one IP range to the other range and set only one default gateway in Cloudstack/public ip range... Marcus On 2016-05-31 3:17 AM, Cristian Ciobanu wrote: Hi Marcus, First of all, thanks for answer. - I don't have access to border router ( i will try to get access ) - Yes, each IP range have their gateway - I'm not sure why is working after VR reboot/ each reboot, looks lie is doing a switch from , i also provided a screenshot where i run a ping test from IP X to Gateway Y Please see: http://i.imgur.com/T0w3fdZ.jpg Regards, Cristian -Original Message- From: Marc-Andre Jutras [mailto:mar...@marcuspocus.com] Sent: Monday, May 30, 2016 9:46 PM To: users@cloudstack.apache.org Subject: Re: FW: Password reset, not work after adding new Guest IP Class Hi Cristian, Sound like a networking issue // gateway mismatch on your side and not an issue with ACS: TCP packet seems to be blocked on the border router... ie: ip on 159.X.X.X network is trying to reach your ACS server via the 167.X.X.X gateway or vice-versa; VR is not managing two different default gateway ! Do you have some control or can modify config on your border router ? ( where both ip range got their gateway ? ) if so, check there to allow source IP : 159.X to be able to reach GW : 167 or vice-versa... Marcus On 2016-05-19 4:29 AM, Cristian Ciobanu wrote: Hello All, I will insist on this topic because i don’t recevied any answer, i just want to know if is possibile to fix this issue. Thank you ! Cristian From: Cristian Ciobanu [mailto:cristian.c@istream.today] Sent: Monday, May 16, 2016 10:35 AM To: users@cloudstack.apache.org Subject: RE: Password reset, not work after
4.7 - VPC Network ACL rules
Hello I have been hitting problems with Network ACL rules in VPCs with 4.7 ( looked at the code for 4.8 and it looks similar). It seems that the rule ordering is actually inverted on the VR. So the rules with higher rule numbers are getting checked before the lower ones. As an example, this can be problematic if you want a DENY all and to whitelist certain traffic. Also, changing the rule number does not apply the new order to the VR. Anyone else having problems? Patrick
RE: SITE TO SITE VPN ERROR IN OUR ENVIRONMENT with CLOUDSTACK-4.3.1 AND XENSERVER 6.2
Hi Venkat, IPSEC VPN is established with the VPC (in your case the /16). Your Tier (/24) is in this supernet, so you should be able to route to it once the tunnel is up. Make sure to specify the supernet (/16) on the remote VPN appliance as the destination. -Original Message- From: Venkat Boggarapu [mailto:venka...@axiomio.com] Sent: Wednesday, 01 June 2016 2:50 PM To: users@cloudstack.apache.org Subject: SITE TO SITE VPN ERROR IN OUR ENVIRONMENT with CLOUDSTACK-4.3.1 AND XENSERVER 6.2 Hi Team, In our environment we are using cloudstack-4.3.1 and xenserver 6.2 We have created VPC router with SUPER-CIDR value as X.X.X.X/16. After creating VPC router, created a new TIER with X.X.X.X/24 with the same network, gateway. Finally we are unable to configure the IPSEC with the X.X.X.X/24, but we have successful configured IPSEC with X.X.X.X/16. Please help me guys, I was wonder why it's working with SUPER-CDIR (X.X.X.X/16) with IPSEC. Thanks, Venkat Boggarapu
SITE TO SITE VPN ERROR IN OUR ENVIRONMENT with CLOUDSTACK-4.3.1 AND XENSERVER 6.2
Hi Team, In our environment we are using cloudstack-4.3.1 and xenserver 6.2 We have created VPC router with SUPER-CIDR value as X.X.X.X/16. After creating VPC router, created a new TIER with X.X.X.X/24 with the same network, gateway. Finally we are unable to configure the IPSEC with the X.X.X.X/24, but we have successful configured IPSEC with X.X.X.X/16. Please help me guys, I was wonder why it's working with SUPER-CDIR (X.X.X.X/16) with IPSEC. Thanks, Venkat Boggarapu
Re: Disk Offering
thank you my friend Best regards, On Thu, May 26, 2016 at 11:04 AM, Mohd Zainal Abidin Rabani < zai...@nocser.net> wrote: > Hi, > > > > On primary storage I have set NFS. The question is how to set use NFS when > creating disk size under Disk Offering under Service Offerings? > > > > Thanks. > >
