cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Charles Moulliard <ch0...@gmail.com>
Subject Re: Access internal cloud instance from host
Date Fri, 26 Oct 2012 06:47:28 GMT
I have created a security profile and use it when I create a new instance.
I have added a ingress rule to allow TCP/IP port to be open from 0 to 10000
- CICR 10.0.2.0/24 (and also TCP/IP 22 22 0.0.0.0/0)

Unfortunately I cannot connect from DevCloud VM to the cloud instance

oot@devcloud:~# ssh root@10.0.2.100
ssh: connect to host 10.0.2.100 port 22: No route to host
root@devcloud:~# ip route
default via 10.0.2.2 dev xenbr0  metric 100
10.0.2.0/24 dev xenbr0  proto kernel  scope link  src 10.0.2.15
10.0.2.0/24 dev eth0  proto kernel  scope link  src 10.0.2.15
169.254.0.0/16 dev xapi0  scope link  src 169.254.0.1

If I try to open the instance using the web console, I see this message in
the web console

[  118.613066] martian destination 0.0.0.0 from 10.0.2.2, dev eth0

On Thu, Oct 25, 2012 at 8:01 PM, Edison Su <Edison.su@citrix.com> wrote:

> You need to create a new security group from UI, then when you create a
> new instance, you will see the available security groups created by
> yourself, and can select some of them.
>
> > -----Original Message-----
> > From: Charles Moulliard [mailto:ch007m@gmail.com]
> > Sent: Thursday, October 25, 2012 10:17 AM
> > To: cloudstack-users@incubator.apache.org
> > Subject: Re: Access internal cloud instance from host
> >
> > I have been able to add ingress rule to the default security group
> >
> > When I create a new instance (using web interface) I cannot select a
> > security group ?
> >
> > On Thu, Oct 25, 2012 at 7:07 PM, Charles Moulliard <ch007m@gmail.com>
> > wrote:
> >
> > > How can I add this as under network I could not find a button to
> > define a
> > > new security group ?
> > >
> > >
> > > On Thu, Oct 25, 2012 at 6:43 PM, Edison Su <Edison.su@citrix.com>
> > wrote:
> > >
> > >> By default, the ingress packets are blocked for all the user VMs,
> > due to
> > >> the security group.
> > >> You can enable icmp or any other tcp/udp port from cloudstack mgt ui.
> > >>
> > >> > -----Original Message-----
> > >> > From: Charles Moulliard [mailto:ch007m@gmail.com]
> > >> > Sent: Thursday, October 25, 2012 9:38 AM
> > >> > To: cloudstack-users@incubator.apache.org
> > >> > Subject: Fwd: Access internal cloud instance from host
> > >> >
> > >> > Hi,
> > >> >
> > >> > I would like to thanks all the guys who have help me since
> > yesterday. I
> > >> > have been able to install and run successfully cloudstack release
> > 4.0
> > >> > on a
> > >> > MacBookPro (OSX 10.7.4) where DevCloud is deployed in VirtualBox.
> > Thx
> > >> > for
> > >> > step by step + video (
> > >> > https://cwiki.apache.org/CLOUDSTACK/cloudstack-40-test-
> > procedure.html,
> > >> > https://vimeo.com/52150218
> > >> > )
> > >> >
> > >> > Question : What should we modify to allow to access from the
> > DevCloud
> > >> > VM
> > >> > machine to one cloud instance created ?
> > >> >
> > >> > LapTop - MacBookPro with address 192.168.1.2
> > >> > Within a terminal on my mac I can connect to the DevCloud Virtual
> > >> > Machine
> > >> > using ssh
> > >> >
> > >> > ssh -p 2222 root@localhost
> > >> > root@localhost's password:
> > >> > Welcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic-pae i686)
> > >> >
> > >> >   System load:  0.36              Users logged in:       0
> > >> >   Usage of /:   31.3% of 5.57GB   IP address for eth0:   10.0.2.15
> > >> >   Memory usage: 83%               IP address for xenbr0: 10.0.2.15
> > >> >   Swap usage:   0%                IP address for xapi0:
> > 169.254.0.1
> > >> >   Processes:    133
> > >> >
> > >> > Last login: Thu Oct 25 08:00:52 2012 from 10.0.2.2
> > >> >
> > >> > Here is the config of the IP tables
> > >> >
> > >> > root@devcloud:~# ip route
> > >> > default via 10.0.2.2 dev xenbr0  metric 100
> > >> > 10.0.2.0/24 dev xenbr0  proto kernel  scope link  src 10.0.2.15
> > >> > 10.0.2.0/24 dev eth0  proto kernel  scope link  src 10.0.2.15
> > >> > 169.254.0.0/16 dev xapi0  scope link  src 169.254.0.1
> > >> >
> > >> > Through CloudStack, I have created a cloud instance (name = -2-5-
> > TEST,
> > >> > IP
> > >> > address =10.0.2.131) and I can access it from web console (
> > >> > http://localhost:8080/client/console?cmd=access&vm=421c3020-6102-
> > 4fc0-
> > >> > b83c-b25a26d9829d
> > >> > ).
> > >> >
> > >> > Unfortunately, this is not the case within the virtual machine
> > >> >
> > >> > root@devcloud:~# ping 10.0.2.131
> > >> > PING 10.0.2.131 (10.0.2.131) 56(84) bytes of data.
> > >> > From 10.0.2.15 icmp_seq=1 Destination Host Unreachable
> > >> > From 10.0.2.15 icmp_seq=2 Destination Host Unreachable
> > >> > From 10.0.2.15 icmp_seq=3 Destination Host Unreachable
> > >> >
> > >> > Is there something wrong in the config/routing tables ?
> > >> >
> > >> > Regards,
> > >> >
> > >> > --
> > >> > Charles Moulliard
> > >> > Apache Committer / Sr. Enterprise Architect (RedHat)
> > >> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> > >> > --
> > >> > Charles Moulliard
> > >> > Apache Committer / Sr. Enterprise Architect (RedHat)
> > >> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com
> > >>
> > >
> > >
> > >
> > > --
> > > Charles Moulliard
> > > Apache Committer / Sr. Enterprise Architect (RedHat)
> > > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com
> > >
> > >
> > >
> >
> >
> > --
> > Charles Moulliard
> > Apache Committer / Sr. Enterprise Architect (RedHat)
> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com
>



-- 
Charles Moulliard
Apache Committer / Sr. Enterprise Architect (RedHat)
Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message