cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Muhammad Adeel Zahid <16030...@lums.edu.pk>
Subject Re: Iptables of Host machine blocks http traffic to Guest VM's
Date Fri, 20 Oct 2017 09:36:20 GMT
Thanks guys, got it working after applying ingress rules and configuring firewall rules of
the template

________________________________
From: Dag Sonstebo <Dag.Sonstebo@shapeblue.com>
Sent: Friday, October 20, 2017 12:12:12 PM
To: users@cloudstack.apache.org
Subject: Re: Iptables of Host machine blocks http traffic to Guest VM's

Adeel,

Take a look at the admin guide - http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/4.9/networking_and_traffic.html#egress-fw-rules

Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue

On 19/10/2017, 20:56, "Rafael Weingärtner" <rafaelweingartner@gmail.com> wrote:

    This process of enabling ingress/egress traffic is from a user perspective.
    You should bear in mind that this is an IaaS orchestration system, and as
    such the user that is allocating and consuming resources has to be able to
    do such configurations.

    The link you are following is from the installation manual. It presents the
    requirements and basic design and installation guidelines. However, that
    link is not meant to show how to use Apache CloudStack (ACS).

    I do not know much user manuals, but you can find one here [1] that is
    developed by Leaseweb. I find it quite detailed and will be worth for you
    at the begging (learning how to get around ACS UI and API). The Ingress and
    Egress rules that I am talking about are discussed in Step 3 of [1].

    [1] https://kb.leaseweb.com/display/KB/Getting+Started%3A+CloudStack

    On Thu, Oct 19, 2017 at 5:32 PM, Muhammad Adeel Zahid <16030053@lums.edu.pk>
    wrote:

    > I am using KVM as hypervisor and for network configuration I followed the
    > following link
    >
    > http://docs.cloudstack.apache.org/projects/cloudstack-
    > installation/en/4.6/qig.html
    >
    >
    > Except that my ip addresses are from 10.0.0.x series. And I do not know
    > about ingress/egress rules and how to configure them.
    >
    > Quick Installation Guide for CentOS 6 — Apache CloudStack ...<
    > http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/4.
    > 6/qig.html>
    > docs.cloudstack.apache.org
    > High level overview of the process¶ This runbook will focus on building a
    > CloudStack cloud using KVM on CentOS 6.5 with NFS storage on a flat layer-2
    > network ...
    >
    >
    >
    >
    > ________________________________
    > From: Rafael Weingärtner <rafaelweingartner@gmail.com>
    > Sent: Friday, October 20, 2017 12:19:49 AM
    > To: users@cloudstack.apache.org
    > Subject: Re: Iptables of Host machine blocks http traffic to Guest VM's
    >
    > What type of deployment are you using?
    > Did you try configuring the ingress/egress rules for the network of the VM
    > you are creating?
    >
    > On Thu, Oct 19, 2017 at 5:17 PM, Muhammad Adeel Zahid <
    > 16030053@lums.edu.pk>
    > wrote:
    >
    > > One more finding. Even restarting the iptables service does the trick.
    > Why
    > > is that? What can I do to avoid having to restart the iptables service?
    > >
    > >
    > >
    > > Regards
    > >
    > > Adeel
    > >
    > > ________________________________
    > > From: Muhammad Adeel Zahid <16030053@lums.edu.pk>
    > > Sent: Friday, October 20, 2017 12:08:43 AM
    > > To: users@cloudstack.apache.org
    > > Subject: Iptables of Host machine blocks http traffic to Guest VM's
    > >
    > > Hello,
    > >
    > >
    > > Finally, I have created a template from centos 6.8 ISO with jdk 1.8
    > > installed and a web application hosted. I can now create VM's from this
    > > templates and they work fine except one problem. The web applications in
    > > guest VMs created from template are only accessible from the host running
    > > the VMs. If I access them (web applications) from some other system on
    > the
    > > same LAN they are not accessible until I turn off the iptables service on
    > > host machine. Is there an ip table rule that I can add to work around
    > this
    > > problem not only for the existing VMs but for the VMs I will be creating
    > on
    > > this host in the future?
    > >
    > >
    > > Regards
    > >
    > > Adeel
    > >
    > >
    >
    >
    > --
    > Rafael Weingärtner
    >



    --
    Rafael Weingärtner



Dag.Sonstebo@shapeblue.com
www.shapeblue.com<http://www.shapeblue.com>
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue




Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message