cloudstack-users mailing list archives

From Boris Stoyanov <boris.stoya...@shapeblue.com>
Subject Re: Basic Networking (ACS 4.9) --Allow VMs access from Local Area Network
Date Wed, 15 Feb 2017 08:50:34 GMT
Hi John,

In isolated networks VMs should be accessed only through the virtual router IP. 

To access the VM over ssh, you should go to the network settings and enable a port on the Virtual
Router IP. Then create a port forwarding rule from that enabled port to port 22 on the specific
VM within that network. After that, try to ssh to the enabled port on the VR and you should end up
in the VM.

PS. In isolated networks you shouldn’t be able to ping the VM; all the traffic goes through
the VR.

Thanks,
Boris Stoyanov

 

boris.stoyanov@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HS UK
@shapeblue
  
 

> On Feb 15, 2017, at 8:37 AM, John Adams <adams.opiyo@gmail.com> wrote:
> 
> Hi all,
> 
> Still learning the ropes in a test environment here. Hitting a little snag
> with networking here. The physical network has 2 VLANs. (192.168.10.0 and
> 192.168.30.0)
> 
> This is my current ACS testing environment:
> 
> 1 management server (Ubuntu 14.04): 192.168.30.14
> 2 KVM  Hosts (Ubuntu 14.04): 192.168.10.12 and 192.168.30.12
> 
> With that, I created 2 different zones, each with 1 pod and 1 cluster and 1
> host respectively.
> 
> *The good:*
> I can create VMs on either of the hosts. I'm able to ping the VMs and even
> ssh into them only if I'm on the host or the management server or from the
> ACS console itself (within the network).
> 
> *The Issue:*
> I can't ssh or even ping the VMs when in the same network outside the host
> environment. What could be the problem?
> 
> A. Management Server network config is as below:
> -------------------------
> auto lo
> iface lo inet loopback
> 
> auto eth0
> iface eth0 inet static
>     address 192.168.30.14
>     netmask 255.255.255.0
>     gateway 192.168.30.254
>     dns-nameservers 192.168.30.254 4.2.2.2
>     #dns-domain cloudstack.et.test.local
> ---------------------------------------------
> 
> B. The KVM host network configuration is as below:
> 
> Host 1: .10
> -----------------------------------------
> # interfaces(5) file used by ifup(8) and ifdown(8)
> auto lo
> iface lo inet loopback
> 
> # The primary network interface
> auto em1
> iface em1 inet manual
> 
> # Public network
> auto cloudbr0
> iface cloudbr0 inet static
>     address 192.168.10.12
>     network 192.168.10.0
>     netmask 255.255.255.0
>     gateway 192.168.10.254
>     broadcast 192.168.10.255
>     dns-nameservers 192.168.10.254 4.2.2.2
>     #dns-domain cloudstack.et.test.local
>     bridge_ports em1
>     bridge_fd 5
>     bridge_stp off
>     bridge_maxwait 1
> 
> # Private network (not in use for now. Just using 1 bridge)
> auto cloudbr1
> iface cloudbr1 inet manual
>     bridge_ports none
>     bridge_fd 5
>     bridge_stp off
>     bridge_maxwait 1
> -----------------------------------
> 
> 
> Host 2: .30
> -----------------------------------
> # interfaces(5) file used by ifup(8) and ifdown(8)
> auto lo
> iface lo inet loopback
> 
> # The primary network interface
> auto em1
> iface em1 inet manual
> 
> # Public network
> auto cloudbr0
> iface cloudbr0 inet static
>     address 192.168.30.12
>     network 192.168.30.0
>     netmask 255.255.255.0
>     gateway 192.168.30.254
>     broadcast 192.168.30.255
>     dns-nameservers 192.168.30.254 4.2.2.2
>     #dns-domain cloudstack.et.test.local
>     bridge_ports em1
>     bridge_fd 5
>     bridge_stp off
>     bridge_maxwait 1
> 
> # Private network (not in use for now. Just using 1 bridge)
> auto cloudbr1
> iface cloudbr1 inet manual
>     bridge_ports none
>     bridge_fd 5
>     bridge_stp off
>     bridge_maxwait 1
> -----------------------------------
> 
> 
> --John O. Adams
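
The two steps in the reply (enable a port on the Virtual Router IP, then forward it to port 22 on the VM) correspond to the CloudStack API commands createFirewallRule and createPortForwardingRule. The following is an added example, not part of the original thread or the project's code, that builds both requests with the source range limited to one LAN subnet and signs them the way the API expects. Public port 2222, the 192.168.30.0/24 source range, the `/client/api` path on port 8080, and the UUID and key placeholders are assumptions.

```python
import base64, hashlib, hmac, ipaddress
from urllib.parse import quote

# Assumption: default API path on the management server named in the thread.
ENDPOINT = "http://192.168.30.14:8080/client/api"

def ssh_forward_rules(public_ip_id, vm_id, public_port, source_cidr):
    """Parameters for the two calls: open one port on the VR's public IP,
    then forward it to port 22 on the VM."""
    net = ipaddress.ip_network(source_cidr)
    if net.prefixlen == 0:
        raise ValueError("refusing to open SSH forwarding to every source address")
    firewall = {
        "command": "createFirewallRule", "ipaddressid": public_ip_id,
        "protocol": "tcp", "startport": public_port, "endport": public_port,
        "cidrlist": str(net),  # only this source range may reach the port
    }
    forward = {
        "command": "createPortForwardingRule", "ipaddressid": public_ip_id,
        "protocol": "tcp", "publicport": public_port, "privateport": 22,
        "virtualmachineid": vm_id,
        "openfirewall": "false",  # firewall rule is created explicitly above
    }
    return [firewall, forward]

def signed_url(params, api_key, secret_key):
    """Build a signed GET URL: sort by lowercased name, URL-encode values,
    HMAC-SHA1 the lowercased query with the secret key, append the base64 result."""
    full = dict(params, apiKey=api_key, response="json")
    query = "&".join(
        f"{k}={quote(str(v), safe='')}"
        for k, v in sorted(full.items(), key=lambda kv: kv[0].lower())
    )
    mac = hmac.new(secret_key.encode(), query.lower().encode(), hashlib.sha1)
    signature = quote(base64.b64encode(mac.digest()).decode(), safe="")
    return f"{ENDPOINT}?{query}&signature={signature}"

if __name__ == "__main__":
    # Constructed placeholders: real UUIDs and keys come from your own deployment.
    for rule in ssh_forward_rules("PUBLIC-IP-UUID", "VM-UUID", 2222, "192.168.30.0/24"):
        print(signed_url(rule, "API-KEY-PLACEHOLDER", "SECRET-KEY-PLACEHOLDER"))
```

With the rules in place, `ssh -p 2222 user@<VR public IP>` from a host inside the allowed range reaches the VM, while sources outside it are dropped at the VR.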
