Re: SSH Access to Guest VM without Public IP 4.1
Hi Shanker,

Yes, all my VMs have a private IP (10.10.*.*) assigned to them and these are accessible within my cloud, that is, only if I am inside my cloud's network. I can ssh into the VMs from the host or management server but not from outside this network. I don't have a lot of public IPs available, so I don't have the option to provide public IPs to every VM. But I still somehow want to provide ssh access to the VMs.

Say I have only 1 public IP and I am using it for the management node. So from the internet (outside world) only this IP is visible. Therefore I need to somehow make use of this to provide ssh access to my other VMs. So I would do something like the following on the management server:

* Set a forwarding rule in my iptables to forward all incoming traffic to port 50001 to vm1-internal-ip:22, 50002 to vm2-internal-ip:22 and so on.
* So I need an event hook to create this port forwarding when a VM is started and assign a unique port, and remove it when it is stopped.

Regards,
Vairavan M.

On 10/24/13 3:48 AM, Shanker Balan shanker.ba...@shapeblue.com wrote:

> On 24-Oct-2013, at 7:04 am, Murugappan, Vairavan vmurugap...@miners.utep.edu wrote:
>
> > Hi, Is there a way to provide ssh into the guest VM in the basic networking mode, where there are no public IPs available on the guest OS? If so, how?
>
> In a basic network, each VM is assigned an IP directly from the network. Make sure these IPs are from a routable subnet.
>
> > If not, is there a way to attach a script or a hook when a guest VM is started, stopped or destroyed?
>
> Create an OS template with the required hooks for start/stop action. The VM however would not know that it's being destroyed. For destroy actions, you would need to hook into the CloudStack event framework.
>
> > So that I can set up some sort of port forwarding on the management server's public IP or any other separate server (login server) with a public IP.
>
> I am not sure what exactly you are trying to do here. Can you explain more?
>
> > Say for VM 1 I assign port 50001 and forward all traffic to the mgmt server's port 50001 to the internal private IP of the guest VM's port 22.
>
> Why do you require a management server port in the first place?
>
> > And remove the forwarding when the VM is stopped.
>
> Maybe others can respond to your query better. :)
SSH Access to Guest VM without Public IP 4.1
Hi,

Is there a way to provide ssh into the guest VM in the basic networking mode, where there are no public IPs available on the guest OS?

If so, how?

If not, is there a way to attach a script or a hook when a guest VM is started, stopped or destroyed? So that I can set up some sort of port forwarding on the management server's public IP or any other separate server (login server) with a public IP.

Say for VM 1 I assign port 50001 and forward all traffic to the mgmt server's port 50001 to the internal private IP of the guest VM's port 22. And remove the forwarding when the VM is stopped.

Regards,
Vairavan M.
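The per-VM port forwarding described in this thread, as an added example that is not part of the original messages or of CloudStack: shell functions that a VM start/stop hook could call on the management server to add and remove the DNAT rule for one guest. The interface name em1, the 10.10.x.y address check, the 50001-50999 port range, the ALLOW_SRC variable and all function names are assumptions; guests are assumed to use the management server as their gateway, and a FORWARD rule accepting ESTABLISHED,RELATED traffic is assumed to exist already.

```shell
#!/bin/sh
# Added example, not from the thread. Run as root on the management server.
IPT="${IPT:-iptables}"                 # set IPT=echo for a dry run
PUB_IF="${PUB_IF:-em1}"                # assumed public-facing NIC
ALLOW_SRC="${ALLOW_SRC:-0.0.0.0/0}"    # narrow to known admin networks

# vm_port N: external port for VM number N (1 -> 50001, up to 999 -> 50999).
# Rejects empty, non-numeric, zero-prefixed and 4+ digit input.
vm_port() {
    case "$1" in ''|0*|*[!0-9]*|????*) return 1 ;; esac
    echo $((50000 + $1))
}

# valid_guest_ip IP: accept only 10.10.x.y with x and y in 0-255, so a
# hook fed a bad address cannot point the forward somewhere else.
valid_guest_ip() {
    case "$1" in 10.10.*.*) ;; *) return 1 ;; esac
    rest=${1#10.10.}
    for o in "${rest%%.*}" "${rest#*.}"; do
        case "$o" in ''|0?*|*[!0-9]*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# apply_rules -A|-D IP PORT: the DNAT rule plus the FORWARD accept it needs.
# Assumes a FORWARD rule for ESTABLISHED,RELATED traffic already exists.
apply_rules() {
    "$IPT" -t nat "$1" PREROUTING -i "$PUB_IF" -s "$ALLOW_SRC" -p tcp \
        --dport "$3" -j DNAT --to-destination "$2:22" &&
    "$IPT" "$1" FORWARD -i "$PUB_IF" -s "$ALLOW_SRC" -p tcp -d "$2" \
        --dport 22 -m state --state NEW -j ACCEPT
}

# Hook entry points: vm_started N IP / vm_stopped N IP.
vm_started() {
    port=$(vm_port "$1") && valid_guest_ip "$2" || return 1
    # Delete any stale copy first so a repeated start does not stack rules.
    apply_rules -D "$2" "$port" 2>/dev/null || :
    apply_rules -A "$2" "$port"
}

vm_stopped() {
    port=$(vm_port "$1") && valid_guest_ip "$2" || return 1
    apply_rules -D "$2" "$port"
}

# Example: vm_started 1 10.10.0.11   then later   vm_stopped 1 10.10.0.11
```

Every forwarded port exposes that guest's sshd to whatever ALLOW_SRC permits, so the guests' SSH configuration matters as much as the rules themselves.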
[SOLVED] RE: Network Setup Problem 4.1.1
Hi Marty,

I figured it out. The problem was that when CloudStack creates the bridge on the host machine, for some reason it's not mapping my physical NIC to the correctly. My NICs are called em1 and em2, not eth0 and eth1. And I have 2 NICs but I am using only one, but I guess it's trying to use both or something like that. And also on the network configuration page, I left everything as it was (default) - the network name as Physical Network 1 and no labels for management and guest traffic - that could have also been a problem.

So, this is what I did. I created a bridge called Cloudbr1 on my host machine, assigned the IP address to it and mapped it to my NIC (em1). And on the add network page I mentioned the labels for both management and guest traffic as Cloudbr1 and it worked.

Thanks for the help.

Regards,
Vairavan M.
Network Setup Problem 4.1.1
Hi,

I am trying to set up a basic CloudStack 4.1.1 installation (test setup) with 1 Management (mgmt) server (CentOS 6.4), 1 host machine (CentOS 6.4) and 1 Dell 6248 switch.

Mgmt has 2 NICs
* One connected to the internet
* Another with local IP 20.1.1.1 (which acts as a gateway), netmask 255.0.0.0
* I have added NAT rules to forward internet to the rest of the network
* And this runs a DNS server
* Also this hosts the MySQL and NFS (/export/primary, /export/secondary)
* But no DHCP server
* I followed the instructions in the document and the management server is running and I can access it through the browser

DELL6248 Switch
* I assigned IP as 20.2.1.1, netmask 255.0.0.0, gateway 20.1.1.1
* No VLAN configured, left it at default config

Host Machine has 1 NIC
* It is connected to the switch
* I followed the steps in the document (installation for KVM) for creating bridges
* I assigned IP 20.1.1.2 to the VLAN em1.100 [ Netmask 255.0.0.0 Gateway 20.1.1.1 ] (em is my eth) and no IP on em1, and configured 2 bridges as said.
  - But, with this setup the host machine cannot even ping the switch and mgmt server.
  - I tried assigning the 192.*.*.* IP to em1.100 with the IP at virbr0 (192.*.*.1) as gateway but same result, cannot ping the switch or mgmt.
* So removed all VLANs and bridges and just set 20.1.1.2 to em1 [ Netmask 255.0.0.0 Gateway 20.1.1.1 ]. Now it works as expected and I can access the internet as well.

Setup:
* I proceeded with the basic installation
* Pod - Gateway: 20.1.1.1, Netmask: 255.0.0.0, IP range - 20.1.1.5 - 20.1.1.20
* Guest - Gateway: 20.1.1.1, Netmask: 255.0.0.0, IP range - 20.1.1.30 - 20.1.1.200
* The Zone gets added successfully. No error on that. It creates the cloudbr0 bridge on the host by itself and moves the IP from em1 to cloudbr0 and also starts the SSVM and Console VM on the host machine.

But I get this

  There is no secondary storage VM for secondary storage host nfs://20.1.1.1/export/secondary

on the management server log.

SSVM Guest Machine
* I can log into the SSVM from the host using the link local IP and I ran the SSVM test script; it seems it cannot connect to the gateway (20.1.1.1).
* Following are the IPs assigned to the SSVM
  - Public - 20.1.1.30 (eth2), Private - 20.1.111 (eth1), Link Local - 169.254.2.151 (eth0),
  - And on eth3 20.1.1.20 (Not sure what this is for)

Problems:
* SSVM cannot access switch or gateway server (mgmt, nfs, mysql) or internet
* And I cannot add any ISOs or cannot see the system default ISO on the add instance screen.

So there's something wrong in my network configuration over here but I couldn't figure out what it is. So any help on this would be much appreciated.

Regards,
Vairavan M.
RE: Network Setup Problem 4.1.1
Hi Marty,

No, I don't own a range of public IPs and I am just looking for a simple setup at this moment. I changed the IPs as you suggested.

Management:
  Em1: publicip
  Em2: 10.10.0.1, netmask: 255.255.255.0

Agent (host), and I assume by agent you mean the physical host (Compute Node):
  Em1: 10.10.0.2, netmask: 255.255.255.0, gateway=10.10.0.1, dns=10.10.0.1

And I also changed the switch IP to 10.10.0.254.

* I can ping my host from mgmt and vice versa. Host OS has internet.
* I cannot ping any IPs of SSVM or Console VM from the mgmt server.
* I can ping the link local IP (169.*.*.*) of the SSVM from the host, but not the other 10.10.*.* IPs
* I still get the same No Secondary Storage VM error

This was the case in the previous configuration as well. And please note that I have not created any VLANs or bridges on host or switch or management server. So is there anything I should do on the switch (Dell 6248) and should I create any VLANs on the host (which I already mentioned in my previous post)?

Thank you.

Regards,
Vairavan M.

-Original Message-
From: Marty Sweet [mailto:msweet@gmail.com]
Sent: Tuesday, October 22, 2013 1:14 PM
To: users@cloudstack.apache.org
Subject: Re: Network Setup Problem 4.1.1

> Hi Vairavan,
>
> The main highlight here is that you are using 20.xxx.xxx.xxx as your private network; this is not compliant with RFC1918 and would cause connectivity issues to public addresses in this subnet.
>
> Do you own a range of public IP addresses you wish to allocate to VMs? If so, this will affect the way you set up your CloudStack networking. If not, and you are looking for a simple setup, I would recommend the following:
>
> Management:
>   eth0: your.public.ip.addr
>   eth1: 10.10.0.1/24 (Private Interface)
>
> Agent:
>   eth0: 10.10.0.2/24
>
> If you wish to stick to your current setup (which I would advise against), can your agent ping your 20.1.1.1?
>
> Marty