Re: Allow all external traffic (any tcp/udp/icmp) to virtual hosts
Oh I see, I only set egress_default_policy so that doesn't apply to ingress. But still, the initial issue remains. Is there a way for me to allow incoming traffic without specifying ingress rules? Disabling security groups seems to set ingress to reject all incoming traffic (not preceded by outgoing communication first ofc). Sorry for the spam. /Magnus 2013/11/29 Magnus Janson > With security groups enabled, I need to set ingress rules to allow > external traffic to my virtual hosts. > > With security groups disabled, I can't allow any external traffic to my > virtual hosts. > > Before creating the zone, I performed this: > UPDATE `cloud`.`network_offerings` SET `egress_default_policy`=1 > > Even though the default policy is changed, from reject to allow, I'm still > only able to get external traffic to my virtual hosts with adding ingress > rules. > > Seems like I have no other option then using security groups, and adding > ingress rules to every user. Doesn't seem like there's any global ingress > rules which I could apply to all users. > > Maybe this is the way it was designed? I'm looking for an alternative, as > I don't want to specify the ingress rules for each account. > > Hopefully this makes my issue a bit easier to understand. > > /Magnus > > > 2013/11/29 Magnus Janson > >> Hi Geoff, >> >> Thank you for your reply. >> >> I am using a guest gateway, and the gateway IP maps to a physical >> router/firewall. >> >> Initially I was using DefaultSharedNetworkOfferingWithSGService. But that >> required me to set egress rules for each user to allow all traffic for that >> users vm instances. However, after setting the egress rules the traffic to >> the vm instances worked great. >> >> As I have plenty of users, I would want to skip this step. So I recreated >> the zone, with DefaultSharedNetworkOffering instead. >> >> My understanding was that if I disabled security groups, they wouldn't >> block the incoming traffic to my virtual hosts anymore. However, it seems >> that I'm now stuck with a default policy to block all incoming connections >> and I don't have any possibility to allow incoming connections as I >> disabled (removed) the security groups feature. >> >> The issue here seems to be that cloudstack by default rejects all >> incoming traffic, and I can't figure out how to change that behaviours. >> >> /Magnus >> >> >> 2013/11/28 Geoff Higginbottom >> >>> Magnus, >>> >>> A Shared Network does not provide Source NAT, so therefore does not act >>> as the Gateway. When you created the network, you would have specified a >>> 'Guest Gateway' IP, this IP needs to map to a Physical Router/Firewall >>> which will provide the Routing/Firewall functionality. >>> >>> As the 'Default Shared Network' offering only provides DHCP, DNS & User >>> Data, none of the Firewall, Egress Rules VPN, LB features etc will be >>> available to you. >>> >>> Regards >>> >>> Geoff Higginbottom >>> >>> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 >>> >>> geoff.higginbot...@shapeblue.com >>> >>> -Original Message- >>> From: Magnus Janson [mailto:mag...@fnutt.us] >>> Sent: 28 November 2013 16:57 >>> To: users@cloudstack.apache.org >>> Subject: Re: Allow all external traffic (any tcp/udp/icmp) to virtual >>> hosts >>> >>> I'm not using a firewall provider, so my initial question remains. >>> >>> /Magnus >>> >>> >>> 2013/11/28 Magnus Janson >>> >>> > Oh, seems like the answer is found here: >>> > https://support.getcloudservices.com/entries/21993512-CloudStack-Enabl >>> > e-External-Access >>> > >>> > I'll try this and get back here in case I run into any trouble I can't >>> > solve. >>> > >>> > /Magnus >>> > >>> > >>> > 2013/11/28 Magnus Janson >>> > >>> >> Hi, >>> >> >>> >> How do i allow all external traffic (any tcp/udp/icmp) to my virtual >>> >> hosts? >>> >> >>> >> I'm using DefaultSharedNetworkOffering in a BASIC network. >>> >> >>> >> Security group and provider is not being used. >>> >> >>> >> So far, I've tried to change the egress_default_policy. I cou
Re: Allow all external traffic (any tcp/udp/icmp) to virtual hosts
With security groups enabled, I need to set ingress rules to allow external traffic to my virtual hosts. With security groups disabled, I can't allow any external traffic to my virtual hosts. Before creating the zone, I performed this: UPDATE `cloud`.`network_offerings` SET `egress_default_policy`=1 Even though the default policy is changed, from reject to allow, I'm still only able to get external traffic to my virtual hosts with adding ingress rules. Seems like I have no other option then using security groups, and adding ingress rules to every user. Doesn't seem like there's any global ingress rules which I could apply to all users. Maybe this is the way it was designed? I'm looking for an alternative, as I don't want to specify the ingress rules for each account. Hopefully this makes my issue a bit easier to understand. /Magnus 2013/11/29 Magnus Janson > Hi Geoff, > > Thank you for your reply. > > I am using a guest gateway, and the gateway IP maps to a physical > router/firewall. > > Initially I was using DefaultSharedNetworkOfferingWithSGService. But that > required me to set egress rules for each user to allow all traffic for that > users vm instances. However, after setting the egress rules the traffic to > the vm instances worked great. > > As I have plenty of users, I would want to skip this step. So I recreated > the zone, with DefaultSharedNetworkOffering instead. > > My understanding was that if I disabled security groups, they wouldn't > block the incoming traffic to my virtual hosts anymore. However, it seems > that I'm now stuck with a default policy to block all incoming connections > and I don't have any possibility to allow incoming connections as I > disabled (removed) the security groups feature. > > The issue here seems to be that cloudstack by default rejects all incoming > traffic, and I can't figure out how to change that behaviours. > > /Magnus > > > 2013/11/28 Geoff Higginbottom > >> Magnus, >> >> A Shared Network does not provide Source NAT, so therefore does not act >> as the Gateway. When you created the network, you would have specified a >> 'Guest Gateway' IP, this IP needs to map to a Physical Router/Firewall >> which will provide the Routing/Firewall functionality. >> >> As the 'Default Shared Network' offering only provides DHCP, DNS & User >> Data, none of the Firewall, Egress Rules VPN, LB features etc will be >> available to you. >> >> Regards >> >> Geoff Higginbottom >> >> D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 >> >> geoff.higginbot...@shapeblue.com >> >> -Original Message- >> From: Magnus Janson [mailto:mag...@fnutt.us] >> Sent: 28 November 2013 16:57 >> To: users@cloudstack.apache.org >> Subject: Re: Allow all external traffic (any tcp/udp/icmp) to virtual >> hosts >> >> I'm not using a firewall provider, so my initial question remains. >> >> /Magnus >> >> >> 2013/11/28 Magnus Janson >> >> > Oh, seems like the answer is found here: >> > https://support.getcloudservices.com/entries/21993512-CloudStack-Enabl >> > e-External-Access >> > >> > I'll try this and get back here in case I run into any trouble I can't >> > solve. >> > >> > /Magnus >> > >> > >> > 2013/11/28 Magnus Janson >> > >> >> Hi, >> >> >> >> How do i allow all external traffic (any tcp/udp/icmp) to my virtual >> >> hosts? >> >> >> >> I'm using DefaultSharedNetworkOffering in a BASIC network. >> >> >> >> Security group and provider is not being used. >> >> >> >> So far, I've tried to change the egress_default_policy. I couldn't >> >> find any way to perform this through the UI so I did it manually in >> >> the database and restarted the network: >> >> UPDATE `cloud`.`network_offerings` SET `egress_default_policy`=1 >> >> WHERE `name`='DefaultSharedNetworkOffering'; >> >> >> >> Still, it seems that all incoming traffic is rejected. >> >> >> >> Any pointers on how to achieve this would be highly appreciated. >> >> >> >> Sincerely, >> >> Magnus >> >> >> > >> > >> This email and any attachments to it may be confidential and are intended >> solely for the use of the individual to whom it is addressed. Any views or >> opinions expressed are solely those of the author and do not necessarily >> represent those of Shape Blue Ltd or related companies. If you are not the >> intended recipient of this email, you must neither take any action based >> upon its contents, nor copy or show it to anyone. Please contact the sender >> if you believe you have received this email in error. Shape Blue Ltd is a >> company incorporated in England & Wales. ShapeBlue Services India LLP is a >> company incorporated in India and is operated under license from Shape Blue >> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil >> and is operated under license from Shape Blue Ltd. ShapeBlue is a >> registered trademark. >> > >
Re: Allow all external traffic (any tcp/udp/icmp) to virtual hosts
Hi Geoff, Thank you for your reply. I am using a guest gateway, and the gateway IP maps to a physical router/firewall. Initially I was using DefaultSharedNetworkOfferingWithSGService. But that required me to set egress rules for each user to allow all traffic for that users vm instances. However, after setting the egress rules the traffic to the vm instances worked great. As I have plenty of users, I would want to skip this step. So I recreated the zone, with DefaultSharedNetworkOffering instead. My understanding was that if I disabled security groups, they wouldn't block the incoming traffic to my virtual hosts anymore. However, it seems that I'm now stuck with a default policy to block all incoming connections and I don't have any possibility to allow incoming connections as I disabled (removed) the security groups feature. The issue here seems to be that cloudstack by default rejects all incoming traffic, and I can't figure out how to change that behaviours. /Magnus 2013/11/28 Geoff Higginbottom > Magnus, > > A Shared Network does not provide Source NAT, so therefore does not act as > the Gateway. When you created the network, you would have specified a > 'Guest Gateway' IP, this IP needs to map to a Physical Router/Firewall > which will provide the Routing/Firewall functionality. > > As the 'Default Shared Network' offering only provides DHCP, DNS & User > Data, none of the Firewall, Egress Rules VPN, LB features etc will be > available to you. > > Regards > > Geoff Higginbottom > > D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581 > > geoff.higginbot...@shapeblue.com > > -Original Message- > From: Magnus Janson [mailto:mag...@fnutt.us] > Sent: 28 November 2013 16:57 > To: users@cloudstack.apache.org > Subject: Re: Allow all external traffic (any tcp/udp/icmp) to virtual hosts > > I'm not using a firewall provider, so my initial question remains. > > /Magnus > > > 2013/11/28 Magnus Janson > > > Oh, seems like the answer is found here: > > https://support.getcloudservices.com/entries/21993512-CloudStack-Enabl > > e-External-Access > > > > I'll try this and get back here in case I run into any trouble I can't > > solve. > > > > /Magnus > > > > > > 2013/11/28 Magnus Janson > > > >> Hi, > >> > >> How do i allow all external traffic (any tcp/udp/icmp) to my virtual > >> hosts? > >> > >> I'm using DefaultSharedNetworkOffering in a BASIC network. > >> > >> Security group and provider is not being used. > >> > >> So far, I've tried to change the egress_default_policy. I couldn't > >> find any way to perform this through the UI so I did it manually in > >> the database and restarted the network: > >> UPDATE `cloud`.`network_offerings` SET `egress_default_policy`=1 > >> WHERE `name`='DefaultSharedNetworkOffering'; > >> > >> Still, it seems that all incoming traffic is rejected. > >> > >> Any pointers on how to achieve this would be highly appreciated. > >> > >> Sincerely, > >> Magnus > >> > > > > > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender > if you believe you have received this email in error. Shape Blue Ltd is a > company incorporated in England & Wales. ShapeBlue Services India LLP is a > company incorporated in India and is operated under license from Shape Blue > Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil > and is operated under license from Shape Blue Ltd. ShapeBlue is a > registered trademark. >
Re: SSVM won't start
Hi Sebastian,
It sounds like you forgot to download the vhd-util. Either that, or you
have not placed it at the right location. It's also possible that you must
set it to executable (chmod +x vhd-util).
http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.2.0/html/Installation_Guide/management-server-install-flow.html
/Magnus
2013/11/29 Sebastian Trampler
> Hello,
>
> we have problems starting the ssvm.
>
> First of all some facts about our actual test system.
> Cloudstack is installed on Ubuntu 12.04. Primary and secondary storage are
> nfs shares hosted on Cloudstack server.
> Host is a XenServer 6.2.
>
> While starting the ssvm we get the following error messages:
>
> 2013-11-29 08:38:10,103 DEBUG [storage.volume.VolumeServiceImpl]
> (consoleproxy-1:null) Acquire lock on VMTemplateStoragePool 2280 with
> timeout 3600 seconds
> 2013-11-29 08:38:10,107 INFO [storage.volume.VolumeServiceImpl]
> (consoleproxy-1:null) lock is acquired for VMTemplateStoragePool 2280
> 2013-11-29 08:38:10,109 DEBUG [cloud.storage.VolumeManagerImpl]
> (secstorage-1:null) Checking if we need to prepare 1 volumes for
> VM[SecondaryStorageVm|s-1159-VM]
> 2013-11-29 08:38:10,135 DEBUG [storage.motion.AncientDataMotionStrategy]
> (consoleproxy-1:null) copyAsync inspecting src type TEMPLATE copyAsync
> inspecting dest type TEMPLATE
> 2013-11-29 08:38:10,137 DEBUG [storage.image.TemplateDataFactoryImpl]
> (secstorage-1:null) template 1 is already in store:2, type:Image
> 2013-11-29 08:38:10,171 DEBUG [storage.image.TemplateDataFactoryImpl]
> (secstorage-1:null) template 1 is already in store:2, type:Primary
> 2013-11-29 08:38:10,174 DEBUG [storage.volume.VolumeServiceImpl]
> (secstorage-1:null) Found template routing-1 in storage pool 2 with
> VMTemplateStoragePool id: 2280
> 2013-11-29 08:38:10,185 DEBUG [agent.transport.Request]
> (consoleproxy-1:null) Seq 1-1431371787: Sending { Cmd , MgmtId:
> 217970788423578, via: 1, Ver: v1, Flags: 100111, [{"org.apache.cloudstack.
> storage.command.CopyCommand":{"srcTO":{"org.apache.cloudstack.storage.to.
> TemplateObjectTO":{"path":"template/tmpl/1/1/","origUrl":"
> http://download.cloud.com/templates/4.2/systemvmtemplate-2013-07-12-
> master-xen.vhd.bz2","uuid":"82cd934b-4d43-11e3-8eab-
> c63e476a579a","id":1,"format":"VHD","accountId":1,"checksum":"
> fb1b6e032a160d86f2c28feb5add6d83","hvm":false,"displayText":"SystemVM
> Template (XenServer)","imageDataStore":{"com.cloud.agent.api.to.
> NfsTO":{"_url":"nfs://172.16.51.47:/export/secondary2","_
> role":"Image"}},"name":"routing-1","hypervisorType":"
> XenServer"}},"destTO":{"org.apache.cloudstack.storage.to.
> TemplateObjectTO":{"origUrl":"http://download.cloud.com/templates/4.2/
> systemvmtemplate-2013-07-12-master-xen.vhd.bz2","uuid":"
> 82cd934b-4d43-11e3-8eab-c63e476a579a","id":1,"format":
> "VHD","accountId":1,"checksum":"fb1b6e032a160d86f2c28feb5add6d
> 83","hvm":false,"displayText":"SystemVM Template
> (XenServer)","imageDataStore":{"org.apache.cloudstack.
> storage.to.PrimaryDataStoreTO":{"uuid":"fefdf148-d326-3fa0-
> 9aca-3f8956fbd8f7","id":2,"poolType":"NetworkFilesystem",
> "host":"172.16.51.47","path":"/export/primary2","port":2049}
> },"name":"routing-1","hypervisorType":"XenServer"}},
> "executeInSequence":true,"wait":10800}}] }
> 2013-11-29 08:38:10,187 DEBUG [agent.transport.Request]
> (consoleproxy-1:null) Seq 1-1431371787: Executing: { Cmd , MgmtId:
> 217970788423578, via: 1, Ver: v1, Flags: 100111, [{"org.apache.cloudstack.
> storage.command.CopyCommand":{"srcTO":{"org.apache.cloudstack.storage.to.
> TemplateObjectTO":{"path":"template/tmpl/1/1/","origUrl":"
> http://download.cloud.com/templates/4.2/systemvmtemplate-2013-07-12-
> master-xen.vhd.bz2","uuid":"82cd934b-4d43-11e3-8eab-
> c63e476a579a","id":1,"format":"VHD","accountId":1,"checksum":"
> fb1b6e032a160d86f2c28feb5add6d83","hvm":false,"displayText":"SystemVM
> Template (XenServer)","imageDataStore":{"com.cloud.agent.api.to.
> NfsTO":{"_url":"nfs://172.16.51.47:/export/secondary2","_
> role":"Image"}},"name":"routing-1","hypervisorType":"
> XenServer"}},"destTO":{"org.apache.cloudstack.storage.to.
> TemplateObjectTO":{"origUrl":"http://download.cloud.com/templates/4.2/
> systemvmtemplate-2013-07-12-master-xen.vhd.bz2","uuid":"
> 82cd934b-4d43-11e3-8eab-c63e476a579a","id":1,"format":
> "VHD","accountId":1,"checksum":"fb1b6e032a160d86f2c28feb5add6d
> 83","hvm":false,"displayText":"SystemVM Template
> (XenServer)","imageDataStore":{"org.apache.cloudstack.
> storage.to.PrimaryDataStoreTO":{"uuid":"fefdf148-d326-3fa0-
> 9aca-3f8956fbd8f7","id":2,"poolType":"NetworkFilesystem",
> "host":"172.16.51.47","path":"/export/primary2","port":2049}
> },"name":"routing-1","hypervisorType":"XenServer"}},
> "executeInSequence":true,"wait":10800}}] }
> 2013-11-29 08:38:10,188 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-1:null) Seq 1-1431371787: Executing request
> 2013-11-29 08:38:10,190 DEBUG [storage.volume.VolumeServiceImpl]
> (secstorage-1:null) Acquir
Re: Allow all external traffic (any tcp/udp/icmp) to virtual hosts
I'm not using a firewall provider, so my initial question remains. /Magnus 2013/11/28 Magnus Janson > Oh, seems like the answer is found here: > https://support.getcloudservices.com/entries/21993512-CloudStack-Enable-External-Access > > I'll try this and get back here in case I run into any trouble I can't > solve. > > /Magnus > > > 2013/11/28 Magnus Janson > >> Hi, >> >> How do i allow all external traffic (any tcp/udp/icmp) to my virtual >> hosts? >> >> I'm using DefaultSharedNetworkOffering in a BASIC network. >> >> Security group and provider is not being used. >> >> So far, I've tried to change the egress_default_policy. I couldn't find >> any way to perform this through the UI so I did it manually in the database >> and restarted the network: >> UPDATE `cloud`.`network_offerings` SET `egress_default_policy`=1 WHERE >> `name`='DefaultSharedNetworkOffering'; >> >> Still, it seems that all incoming traffic is rejected. >> >> Any pointers on how to achieve this would be highly appreciated. >> >> Sincerely, >> Magnus >> > >
Re: Allow all external traffic (any tcp/udp/icmp) to virtual hosts
Oh, seems like the answer is found here: https://support.getcloudservices.com/entries/21993512-CloudStack-Enable-External-Access I'll try this and get back here in case I run into any trouble I can't solve. /Magnus 2013/11/28 Magnus Janson > Hi, > > How do i allow all external traffic (any tcp/udp/icmp) to my virtual hosts? > > I'm using DefaultSharedNetworkOffering in a BASIC network. > > Security group and provider is not being used. > > So far, I've tried to change the egress_default_policy. I couldn't find > any way to perform this through the UI so I did it manually in the database > and restarted the network: > UPDATE `cloud`.`network_offerings` SET `egress_default_policy`=1 WHERE > `name`='DefaultSharedNetworkOffering'; > > Still, it seems that all incoming traffic is rejected. > > Any pointers on how to achieve this would be highly appreciated. > > Sincerely, > Magnus >
Allow all external traffic (any tcp/udp/icmp) to virtual hosts
Hi, How do i allow all external traffic (any tcp/udp/icmp) to my virtual hosts? I'm using DefaultSharedNetworkOffering in a BASIC network. Security group and provider is not being used. So far, I've tried to change the egress_default_policy. I couldn't find any way to perform this through the UI so I did it manually in the database and restarted the network: UPDATE `cloud`.`network_offerings` SET `egress_default_policy`=1 WHERE `name`='DefaultSharedNetworkOffering'; Still, it seems that all incoming traffic is rejected. Any pointers on how to achieve this would be highly appreciated. Sincerely, Magnus
Basic Network - change bridge for SSVM SAN NFS communication
Hi Folks, I'm using CS 4.2 with KVM and basic network. This mail is pretty long, but my questions is quite short. I'm trying to figure out how I could change which bridge my SSVM uses when it to connects to my SAN server. Including some of my thoughts and details below for this - When the agent creates the SSVM it seems to be using the default gateway route for configuring all of the SSVM network interfaces. This causes my SSVM not to be able to connect to my SAN server. As the SAN server is on a completely different network (dedicated network segment&switch). My agent.properties file contains the following rows: guest.network.device=cloudbr0 private.network.device=cloudbr0 public.network.device=cloudbr0 I would like my storage network communication to go over cloudbr1, which is my agent network interface for my SAN network. I'm very unsure about which, if any of these, that I should change. And I'm also unsure if changing them would solve this issue. Of course I could go ahead and do some manual NIC and route changes over at my SSVM but that feels like the wrong solution to this issue. Agent interfaces cloudbr0 - addr: 10.100.38.150 mask:255.255.255.128 cloudbr1 - addr: 172.30.11.200 mask:255.255.255.0 cloud0 - inet addr:169.254.0.1 mask:255.255.0.0 eth0 - bridged to cloudbr0 eth1 - bridge to cloudbr1 Agent default route $ip route|grep default default via 10.100.38.129 dev cloudbr0 SSVM network interfaces root@s-1-VM:~# ifconfig -a eth0 Link encap:Ethernet HWaddr 0e:00:a9:fe:00:f7 inet addr:169.254.0.247 Bcast:169.254.255.255 Mask:255.255.0.0 eth1 Link encap:Ethernet HWaddr 06:11:d0:00:00:02 inet addr:10.100.38.131 Bcast:10.100.38.255 Mask:255.255.255.128 eth2 Link encap:Ethernet HWaddr 06:f5:ce:00:00:07 inet addr:10.100.38.136 Bcast:10.100.38.255 Mask:255.255.255.128 eth3 Link encap:Ethernet HWaddr 06:df:14:00:00:01 inet addr:10.100.38.130 Bcast:10.100.38.255 Mask:255.255.255.128 Manual mount test from SSVM, will reach timeout as it can't route to the destination ip root@s-1-VM:/tmp# mount -v -t nfs 172.30.11.20:/mnt/vg2/vol2/nfs2 /tmp/test mount.nfs: timeout set for Wed Nov 20 16:19:50 2013 mount.nfs: trying text-based options 'vers=4,addr=172.30.11.20,clientaddr=10.100.38.131' Best Regards, Magnus
Re: CloudStack secondary storage capacity issue
So I did some more digging, and found out that I couldn't mount my drive correctly via the SSVM either. It takes extremely long time to mount it, and it seems like the routes are all messed up so it's not correctly mounting it in the end either. It seems that my management and storage networks are not separated in CloudStack. My SAN storage network is on 172.30.11. and management on 10.100.38. The SSVM tries to route the traffic for my SAN storage over my management network. It seems like it's using IP's from the range specified for my management network. I've added the SAN ip range to PhysicalNetworksInBasicZone->Storage but that doesn't seem to have any effect at all. root@s-19-VM:~# ip route default via 10.100.38.129 dev eth2 10.100.32.20 via 10.100.38.129 dev eth1 10.100.37.26 via 10.100.38.129 dev eth1 10.100.38.128/25 dev eth1 proto kernel scope link src 10.100.38.130 10.100.38.128/25 dev eth2 proto kernel scope link src 10.100.38.135 10.100.38.128/25 dev eth3 proto kernel scope link src 10.100.38.131 169.254.0.0/16 dev eth0 proto kernel scope link src 169.254.0.167 172.30.11.20 via 10.100.38.129 dev eth1 How do I configure the SSVM to use 172.30.11. network for SAN? 2013/11/19 Magnus Janson > Hi All, > > I'm having an issue with CloudStack 4.2 (KVM) and secondary storage. > CloudStack reports that 100% is used, according to CloudStack the capacity > is 275.98MB but the capacity is actually 1.7T. > > Dashboard reports: > Secondary Storage > 275.98 MB / 275.98 MB > > Infrastructure -> Secondary Storage settings: > Name: secondary > URL: nfs://172.30.11.20/mnt/vg2/vol2/nfs2 > Provider: NFS > > Checking the storage from centos (mounted the nfs share temporarily): > [root@host root]# df -h > FilesystemSize Used Avail Use% > Mounted on > 172.30.11.20:/mnt/vg2/vol2/nfs2 1.8T 460M 1.7T 1% > /mnt/secondary > > select id,name,status,type,resource_state,available,capabilities,version > from cloud.host where type='SecondaryStorageVM'; > > '2', 's-19-VM', 'Up', 'SecondaryStorageVM', 'Enabled', '1', NULL, '4.2.0' > > I've been checking the management-servers logfiles but can't find any clue > to what's causing this. > > As far as I can see the, the device is mounted correctly. I really don't > understand why df -h would report 1.7T when the device is mounted, while > CloudStack can only find/use a total of 275.98 MB. > > I don't know how to continue the troubleshooting, any help in the right > direction from you guys would be highly appreciated. > > Best Regards, > Magnus Jansson >
CloudStack secondary storage capacity issue
Hi All, I'm having an issue with CloudStack 4.2 (KVM) and secondary storage. CloudStack reports that 100% is used, according to CloudStack the capacity is 275.98MB but the capacity is actually 1.7T. Dashboard reports: Secondary Storage 275.98 MB / 275.98 MB Infrastructure -> Secondary Storage settings: Name: secondary URL: nfs://172.30.11.20/mnt/vg2/vol2/nfs2 Provider: NFS Checking the storage from centos (mounted the nfs share temporarily): [root@host root]# df -h FilesystemSize Used Avail Use% Mounted on 172.30.11.20:/mnt/vg2/vol2/nfs2 1.8T 460M 1.7T 1%/mnt/secondary select id,name,status,type,resource_state,available,capabilities,version from cloud.host where type='SecondaryStorageVM'; > '2', 's-19-VM', 'Up', 'SecondaryStorageVM', 'Enabled', '1', NULL, '4.2.0' I've been checking the management-servers logfiles but can't find any clue to what's causing this. As far as I can see the, the device is mounted correctly. I really don't understand why df -h would report 1.7T when the device is mounted, while CloudStack can only find/use a total of 275.98 MB. I don't know how to continue the troubleshooting, any help in the right direction from you guys would be highly appreciated. Best Regards, Magnus Jansson
CloudStack secondary storage capacity issue
Hi All, I'm having an issue with CloudStack 4.2 (KVM) and secondary storage. CloudStack reports that 100% is used, according to CloudStack the capacity is 275.98MB but the capacity is actually 1.7T. Dashboard reports: Secondary Storage 275.98 MB / 275.98 MB Infrastructure -> Secondary Storage settings: Name: secondary URL: nfs://172.30.11.20/mnt/vg2/vol2/nfs2 Provider: NFS Checking the storage from centos (mounted the nfs share temporarily): [root@host root]# df -h FilesystemSize Used Avail Use% Mounted on 172.30.11.20:/mnt/vg2/vol2/nfs2 1.8T 460M 1.7T 1%/mnt/secondary select id,name,status,type,resource_state,available,capabilities,version from cloud.host where type='SecondaryStorageVM'; > '2', 's-19-VM', 'Up', 'SecondaryStorageVM', 'Enabled', '1', NULL, '4.2.0' I've been checking the management-servers logfiles but can't find any clue to what's causing this. As far as I can see the, the device is mounted correctly. I really don't understand why df -h would report 1.7T when the device is mounted, while CloudStack can only find/use a total of 275.98 MB. I don't know how to continue the troubleshooting, any help in the right direction from you guys would be highly appreciated. Best Regards, Magnus Jansson
