Comments inline. On 16-Jan-2014, at 12:13 pm, Saurav Lahiri <saurav.lah...@sungard.com> wrote:
> Looks like this mail never got onto the users list. > Shanker, > Could you please let me know ur thoughts regarding the queries. > > Thanks > Saurav > > ---------- Forwarded message ---------- > From: Saurav Lahiri <saurav.lah...@sungard.com> > Date: Tue, Jan 14, 2014 at 3:20 PM > Subject: Re: Communication between Management Server and guest vm deployed > by root admin user > To: CloudStack-Users <users@cloudstack.apache.org> > > > Shanker, > Appreciate your response. The suggestion to use a shared admin network > sounds like a good plan. > Is this admin network the way you have configured, > included in cloustack network offering? http://shankerbalan.net/blog/create-a-shared-network-with-public-ips-in-cloudstack/ > How are customers prevented from > provisioning their vms in this shared network,so that the admin vms are > isolated from other customer vms. While creating the network, you can limit the scope to an account, domain or project. > Also I was thinking that the admin services could also be run on vms > provisioned by cloudstack by the root admin. Is this the way you are > provisioning the admin services currently ? Yep. > > Thanks > Saurav > > > On Mon, Jan 13, 2014 at 5:25 PM, Shanker Balan > <shanker.ba...@shapeblue.com>wrote: > >> Comments inline. PS: I am moving this discussison to the user’s list >> which I feel is a more appropriate place to discuss this query. >> >> On 13-Jan-2014, at 1:10 pm, Saurav Lahiri <saurav.lah...@sungard.com> >> wrote: >> >>> Hi, >>> Would anybody know if there is a way that guest vms deployed by root >> admin >>> can be included in the system management network or routing configured to >>> allow traffic flow between the management server and this guest vm. >> >> I have a shared network called “Admin" where I run my admin services like >> logstash, Nagios, collectd, remote syslog server etc. >> >> >> L3 routes are also in place to ensure that Vms on the Public subnet can >> reach the admin VMs on the shared Admin network. >> >> All VMs are configured to push data to the log server, mon servers etc. >> >>> What I am trying to achieve is push the management server logs to a guest >>> vm(deployed by the root admin user) which will parse/index the log >> files. >>> It appears that since the guest vm is not part of the system management >>> network, the cloudstack management server is unable to reach it. >> >> >> As long as you have routes in place (and proper firewall rules to allow >> traffic), >> you would be able to push your logs from guest VMs (or physical hosts like >> hypervisors) to the designated log collection server(s) >> >> buffy:~ shanu$ traceroute log1.prod.internal >> traceroute to log1.prod.internal (192.168.65.102), 64 hops max, 52 byte >> packets >> 1 gw (192.168.44.1) 1.499 ms 1.260 ms * >> 2 gw2-1 (192.168.44.251) 4.906 ms 1.512 ms 10.242 ms >> 3 192.168.65.102 (192.168.65.102) 3.961 ms 3.597 ms 4.418 ms >> >> 192.168.44.1 is my edge router which has routes to reach my shared >> admin network 192.168.65.0/24 via 192.168.44.251. >> >> Hth. >> >> >> -- >> @shankerbalan >> >> M: +91 98860 60539 | O: +91 (80) 67935867 >> shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue >> ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, >> Bangalore - 560 055 >> >> Need Enterprise Grade Support for Apache CloudStack? >> Our CloudStack Infrastructure Support< >> http://shapeblue.com/cloudstack-infrastructure-support/> offers the best >> 24/7 SLA for CloudStack Environments. >> >> Apache CloudStack Bootcamp training courses >> >> **NEW!** CloudStack 4.2 training<http://shapeblue.com/cloudstack-training/ >>> >> 08/09 January 2014, London<http://shapeblue.com/cloudstack-training/> >> 13-17 January 2014, GLOBAL. Instructor led, On-line< >> http://shapeblue.com/cloudstack-training/> >> 20-24 January 2014, GLOBAL. Instructor led, On-line< >> http://shapeblue.com/cloudstack-training/> >> >> This email and any attachments to it may be confidential and are intended >> solely for the use of the individual to whom it is addressed. Any views or >> opinions expressed are solely those of the author and do not necessarily >> represent those of Shape Blue Ltd or related companies. If you are not the >> intended recipient of this email, you must neither take any action based >> upon its contents, nor copy or show it to anyone. Please contact the sender >> if you believe you have received this email in error. Shape Blue Ltd is a >> company incorporated in England & Wales. ShapeBlue Services India LLP is a >> company incorporated in India and is operated under license from Shape Blue >> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil >> and is operated under license from Shape Blue Ltd. ShapeBlue is a >> registered trademark. >> >> -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
