Return-Path: X-Original-To: apmail-incubator-cloudstack-users-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-users-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 72850D854 for ; Fri, 26 Oct 2012 06:47:58 +0000 (UTC) Received: (qmail 83373 invoked by uid 500); 26 Oct 2012 06:47:58 -0000 Delivered-To: apmail-incubator-cloudstack-users-archive@incubator.apache.org Received: (qmail 82912 invoked by uid 500); 26 Oct 2012 06:47:56 -0000 Mailing-List: contact cloudstack-users-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-users@incubator.apache.org Delivered-To: mailing list cloudstack-users@incubator.apache.org Received: (qmail 82886 invoked by uid 99); 26 Oct 2012 06:47:55 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 26 Oct 2012 06:47:55 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of ch007m@gmail.com designates 209.85.212.47 as permitted sender) Received: from [209.85.212.47] (HELO mail-vb0-f47.google.com) (209.85.212.47) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 26 Oct 2012 06:47:49 +0000 Received: by mail-vb0-f47.google.com with SMTP id ez10so2687544vbb.6 for ; Thu, 25 Oct 2012 23:47:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=3XXkzAIw2VWH3S4emBR0KhS701c3dUz1C9I7LB4Ozc0=; b=imNdnFxFhngOE8x9Hflx62LvtAQq1rOZQbSUD+X2MKs7WqbNfR2Ik2uZfNx9eqXeFd npJgVrsvtKCVKf7LJJdbQaEvoCdBPELSWb0yYUTKGiKSKcdERBvdQtdSrTA474HKny1H 0r9PVh4ObD+YTo7HBZjSnQ/P5Qe0Ad5bWbkCNw5/EOwlNnsTOy9R3a0v3wu245yqMRP7 jJPk43Rvz+n47sLcNCOovXFO4ukJw20TaqHeTDi9egqxDwHnmZsTaVjAEsnssKavQ/ZP +DUoGgzReq8jntH2BwtCoAOQSVmCIeaNkqz1xsF0hox8mjNP1LoPnDNt6kshSyuL2uBg 9Ztw== MIME-Version: 1.0 Received: by 10.58.189.40 with SMTP id gf8mr40069111vec.24.1351234048365; Thu, 25 Oct 2012 23:47:28 -0700 (PDT) Received: by 10.58.54.209 with HTTP; Thu, 25 Oct 2012 23:47:28 -0700 (PDT) In-Reply-To: References: Date: Fri, 26 Oct 2012 08:47:28 +0200 Message-ID: Subject: Re: Access internal cloud instance from host From: Charles Moulliard To: cloudstack-users@incubator.apache.org Content-Type: multipart/alternative; boundary=047d7b5d24527614c704ccf0b14b X-Virus-Checked: Checked by ClamAV on apache.org --047d7b5d24527614c704ccf0b14b Content-Type: text/plain; charset=ISO-8859-1 I have created a security profile and use it when I create a new instance. I have added a ingress rule to allow TCP/IP port to be open from 0 to 10000 - CICR 10.0.2.0/24 (and also TCP/IP 22 22 0.0.0.0/0) Unfortunately I cannot connect from DevCloud VM to the cloud instance oot@devcloud:~# ssh root@10.0.2.100 ssh: connect to host 10.0.2.100 port 22: No route to host root@devcloud:~# ip route default via 10.0.2.2 dev xenbr0 metric 100 10.0.2.0/24 dev xenbr0 proto kernel scope link src 10.0.2.15 10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 169.254.0.0/16 dev xapi0 scope link src 169.254.0.1 If I try to open the instance using the web console, I see this message in the web console [ 118.613066] martian destination 0.0.0.0 from 10.0.2.2, dev eth0 On Thu, Oct 25, 2012 at 8:01 PM, Edison Su wrote: > You need to create a new security group from UI, then when you create a > new instance, you will see the available security groups created by > yourself, and can select some of them. > > > -----Original Message----- > > From: Charles Moulliard [mailto:ch007m@gmail.com] > > Sent: Thursday, October 25, 2012 10:17 AM > > To: cloudstack-users@incubator.apache.org > > Subject: Re: Access internal cloud instance from host > > > > I have been able to add ingress rule to the default security group > > > > When I create a new instance (using web interface) I cannot select a > > security group ? > > > > On Thu, Oct 25, 2012 at 7:07 PM, Charles Moulliard > > wrote: > > > > > How can I add this as under network I could not find a button to > > define a > > > new security group ? > > > > > > > > > On Thu, Oct 25, 2012 at 6:43 PM, Edison Su > > wrote: > > > > > >> By default, the ingress packets are blocked for all the user VMs, > > due to > > >> the security group. > > >> You can enable icmp or any other tcp/udp port from cloudstack mgt ui. > > >> > > >> > -----Original Message----- > > >> > From: Charles Moulliard [mailto:ch007m@gmail.com] > > >> > Sent: Thursday, October 25, 2012 9:38 AM > > >> > To: cloudstack-users@incubator.apache.org > > >> > Subject: Fwd: Access internal cloud instance from host > > >> > > > >> > Hi, > > >> > > > >> > I would like to thanks all the guys who have help me since > > yesterday. I > > >> > have been able to install and run successfully cloudstack release > > 4.0 > > >> > on a > > >> > MacBookPro (OSX 10.7.4) where DevCloud is deployed in VirtualBox. > > Thx > > >> > for > > >> > step by step + video ( > > >> > https://cwiki.apache.org/CLOUDSTACK/cloudstack-40-test- > > procedure.html, > > >> > https://vimeo.com/52150218 > > >> > ) > > >> > > > >> > Question : What should we modify to allow to access from the > > DevCloud > > >> > VM > > >> > machine to one cloud instance created ? > > >> > > > >> > LapTop - MacBookPro with address 192.168.1.2 > > >> > Within a terminal on my mac I can connect to the DevCloud Virtual > > >> > Machine > > >> > using ssh > > >> > > > >> > ssh -p 2222 root@localhost > > >> > root@localhost's password: > > >> > Welcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic-pae i686) > > >> > > > >> > System load: 0.36 Users logged in: 0 > > >> > Usage of /: 31.3% of 5.57GB IP address for eth0: 10.0.2.15 > > >> > Memory usage: 83% IP address for xenbr0: 10.0.2.15 > > >> > Swap usage: 0% IP address for xapi0: > > 169.254.0.1 > > >> > Processes: 133 > > >> > > > >> > Last login: Thu Oct 25 08:00:52 2012 from 10.0.2.2 > > >> > > > >> > Here is the config of the IP tables > > >> > > > >> > root@devcloud:~# ip route > > >> > default via 10.0.2.2 dev xenbr0 metric 100 > > >> > 10.0.2.0/24 dev xenbr0 proto kernel scope link src 10.0.2.15 > > >> > 10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 > > >> > 169.254.0.0/16 dev xapi0 scope link src 169.254.0.1 > > >> > > > >> > Through CloudStack, I have created a cloud instance (name = -2-5- > > TEST, > > >> > IP > > >> > address =10.0.2.131) and I can access it from web console ( > > >> > http://localhost:8080/client/console?cmd=access&vm=421c3020-6102- > > 4fc0- > > >> > b83c-b25a26d9829d > > >> > ). > > >> > > > >> > Unfortunately, this is not the case within the virtual machine > > >> > > > >> > root@devcloud:~# ping 10.0.2.131 > > >> > PING 10.0.2.131 (10.0.2.131) 56(84) bytes of data. > > >> > From 10.0.2.15 icmp_seq=1 Destination Host Unreachable > > >> > From 10.0.2.15 icmp_seq=2 Destination Host Unreachable > > >> > From 10.0.2.15 icmp_seq=3 Destination Host Unreachable > > >> > > > >> > Is there something wrong in the config/routing tables ? > > >> > > > >> > Regards, > > >> > > > >> > -- > > >> > Charles Moulliard > > >> > Apache Committer / Sr. Enterprise Architect (RedHat) > > >> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > -- > > >> > Charles Moulliard > > >> > Apache Committer / Sr. Enterprise Architect (RedHat) > > >> > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > > >> > > > > > > > > > > > > -- > > > Charles Moulliard > > > Apache Committer / Sr. Enterprise Architect (RedHat) > > > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > > > > > > > > > > > > > > > -- > > Charles Moulliard > > Apache Committer / Sr. Enterprise Architect (RedHat) > > Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com > -- Charles Moulliard Apache Committer / Sr. Enterprise Architect (RedHat) Twitter : @cmoulliard | Blog : http://cmoulliard.blogspot.com --047d7b5d24527614c704ccf0b14b--