CS4.2.1 SVM can not start

2014-01-29 文章 
i have try clean DB and re initial CS4.2.1.
in Xen server pool,  nfs primary storage have attached., it is ok.

i search other person meet same problem, but no solution.
http://permalink.gmane.org/gmane.comp.apache.cloudstack.user/8728

hope some one can give me some support. thanks

->
2014-01-29 23:37:07,747 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null)
Deploy avoids pods: null, clusters: null, hosts: [1]
2014-01-29 23:37:07,749 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null)
DeploymentPlanner allocation algorithm:
com.cloud.deploy.FirstFitPlanner_EnhancerByCloudStack_1de5a3b1@9317ccb
2014-01-29 23:37:07,749 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null)
Trying to allocate a host and storage pools from dc:1,
pod:1,cluster:null, requested cpu: 500, requested ram: 268435456
2014-01-29 23:37:07,749 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null) Is
ROOT volume READY (pool already allocated)?: No
2014-01-29 23:37:07,749 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Searching resources only under specified Pod: 1
2014-01-29 23:37:07,749 DEBUG [cloud.deploy.FirstFitPlanner]
(secstorage-1:null) Listing clusters in order of aggregate capacity,
that have (atleast one host with) enough CPU and RAM capacity under
this Pod: 1
2014-01-29 23:37:07,759 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null)
Checking resources in Cluster: 1 under Pod: 1
2014-01-29 23:37:07,759 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Looking for hosts in dc: 1
pod:1  cluster:1
2014-01-29 23:37:07,763 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) FirstFitAllocator has 2 hosts
to check for allocation: [Host[-2-Routing], Host[-1-Routing]]
2014-01-29 23:37:07,767 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Found 2 hosts for allocation
after prioritization: [Host[-2-Routing], Host[-1-Routing]]
2014-01-29 23:37:07,767 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Looking for speed=500Mhz,
Ram=256
2014-01-29 23:37:07,772 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Checking if host: 2 has enough
capacity for requested CPU: 500 and requested RAM: 268435456 ,
cpuOverprovisioningFactor: 1.0
2014-01-29 23:37:07,775 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Hosts's actual total CPU:
13590 and CPU after applying overprovisioning: 13590
2014-01-29 23:37:07,775 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Free CPU: 13590 , Requested
CPU: 500
2014-01-29 23:37:07,776 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Free RAM: 9669118976 ,
Requested RAM: 268435456
2014-01-29 23:37:07,776 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) Host has enough CPU and RAM
available
2014-01-29 23:37:07,776 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) STATS: Can alloc CPU from
host: 2, used: 0, reserved: 0, actual total: 13590, total with
overprovisioning: 13590; requested cpu:500,alloc_from_last_host?:false
,considerReservedCapacity?: true
2014-01-29 23:37:07,776 DEBUG [cloud.capacity.CapacityManagerImpl]
(secstorage-1:FirstFitRoutingAllocator) STATS: Can alloc MEM from
host: 2, used: 0, reserved: 0, total: 9669118976; requested mem:
268435456,alloc_from_last_host?:false ,considerReservedCapacity?: true
2014-01-29 23:37:07,776 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Found a suitable host, adding
to list: 2
2014-01-29 23:37:07,776 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Host name: xen01, hostId: 1 is
in avoid set, skipping this and trying other available hosts
2014-01-29 23:37:07,776 DEBUG [allocator.impl.FirstFitAllocator]
(secstorage-1:FirstFitRoutingAllocator) Host Allocator returning 1
suitable hosts
2014-01-29 23:37:07,777 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null)
Checking suitable pools for volume (Id, Type): (19,ROOT)
2014-01-29 23:37:07,778 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null) We
need to allocate new storagepool for this volume
2014-01-29 23:37:07,778 DEBUG
[cloud.deploy.DeploymentPlanningManagerImpl] (secstorage-1:null)
Calling StoragePoolAllocators to find suitable pools
2014-01-29 23:37:07,780 DEBUG
[storage.allocator.LocalStoragePoolAllocator] (secstorage-1:null)
LocalStoragePoolAllocator trying to find storage pool to fit the vm
2014-01-29 23:37:07,780 DEBUG
[storage.allocator.ClusterScopeStoragePoolAllocator]
(secstorage-1:null) ClusterScopeStoragePoolAllocator looking for
storage pool
2014-01-29 23:37:07,780 DEBUG
[storage.allocator.ClusterS

Re: guest host cannot access internet, but ssvm,vrouter can

2013-08-27 文章 
you can call me Feng.

Sorry that some Chinese in the previous mail.
it work now. just i do not know that CS4.1.1 have the vrouter outgoing
control by Engress rules.

thanks to your reply

2013/8/27 Daan Hoogland :
> H onlydebian / 不坏阿峰 (hope you can give me some latin alliteration of your 
> name),
>
> Did you assign ipaddresses? And configure a firewall and NAT?
>
> regards,
> Daan
>
> On Wed, Aug 21, 2013 at 2:25 PM, 不坏阿峰  wrote:
>> guest host cannot access internet, but ssvm,vrouter can
>> Cloudstack4.1.1(upgrade from 4.0.2),  one kvm host ubuntu12.04 ,two xen
>> advanced  network
>>
>> ssvm,console proxy vm,vrouter can access internet.
>> guest host <=> vrouter ,ok
>> guest 1 <=> guest 2 in same vlan ,ping ok.guest 1 on kvm host,
>> guest 2 on xen
>>
>> but guest 1 and 2 can not access internet.
>>
>> could you give some guide.

Re: fail to login after recovery Cloud MySQL database.

2013-08-27 文章 
i have fixed it. follow the post:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Management+Controller+Failure+and+Replacement

before i did not purge old cloudstack,  will have above issue.

my another question is that how Cloudstack working with mysql,  i
found that has encrypted the communication.  such as: db.properties

2013/8/27 不坏阿峰 :
> Cloudstack 4.1.1 (upgrade from 4.0.2)
>
> i want to try back and recovery Database.after than i can not login
>
> what i did
> (1)service cloudstack-management stop
> (2)mysqldump -u root -p cloud > cloudstack-backup.sql
> (3)cloudstack-setup-databases cloud:password@localhost \
> --deploy-as=root:password \
> -i 192.168.230.2
> (4)mysqldump -u root -p cloud < cloudstack-backup.sql
>also try way from phpmyadmin
> (5)cloudstack-setup-management
> (6) service cloudstack-management start
>
> i know i did a very very stupid thing~.. pls help me to recovery back.
>
> Thanks a lot.
>
> when i do this, i can login, but no old config.
> # cloudstack-setup-databases cloud:password@localhost \
> --deploy-as=root:password \
> -i 192.168.230.2
>
>
> ##  some  erro when start, but service is running ##
>
> 2013-08-26 23:52:24,807 DEBUG [utils.script.Script] (Timer-1:null)
> Classpath resource:
> file:/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/vm/systemvm/injectkeys.sh
> 2013-08-26 23:52:24,807 DEBUG [utils.script.Script] (Timer-1:null)
> Absolute path =
> /usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/vm/systemvm/injectkeys.sh
> 2013-08-26 23:52:24,840 DEBUG [utils.crypt.DBEncryptionUtil]
> (Timer-1:null) Error while decrypting: Z/fQVh0fDAljHblryB00Kg==
>
> ## when i want to login after recovery backup mysql ##
>
> 2013-08-26 23:57:24,019 DEBUG [cloud.api.ApiServlet]
> (catalina-exec-8:null) ===START===  192.168.123.28 -- GET
> command=listCapabilities&response=json&sessionkey=null&_=1377536243369
> 2013-08-26 23:57:24,072 DEBUG [cloud.api.ApiServlet]
> (catalina-exec-8:null) ===END===  192.168.123.28 -- GET
> command=listCapabilities&response=json&sessionkey=null&_=1377536243369
> 2013-08-26 23:57:27,417 DEBUG [cloud.api.ApiServlet]
> (catalina-exec-5:null) ===START===  192.168.123.28 -- POST  null
> 2013-08-26 23:57:27,434 DEBUG [cloud.user.AccountManagerImpl]
> (catalina-exec-5:null) Attempting to log in user: admin in domain 1
> 2013-08-26 23:57:27,435 DEBUG [server.auth.MD5UserAuthenticator]
> (catalina-exec-5:null) Retrieving user: admin
> 2013-08-26 23:57:27,463 DEBUG [utils.crypt.DBEncryptionUtil]
> (catalina-exec-5:null) Error while decrypting:
> 9pzEBgPyi47AVs1+H3s//innPpGJ094Ds17ytVDJiOzL81fpGa8n+TZkdUkNQSsfFQfK3IFOMguXR1pLZGHg79Vwekg1ljTmj1F+5qemLvX6P5Rv+ajEmajh0AjUVCY3
> 2013-08-26 23:57:27,476 ERROR [cloud.api.ApiServlet]
> (catalina-exec-5:null) unknown exception writing api response
> com.cloud.utils.exception.CloudRuntimeException: Caught:
> com.mysql.jdbc.JDBC4PreparedStatement@371c1463: SELECT user.id,
> user.username, user.password, user.firstname, user.lastname,
> user.account_id, user.email, user.state, user.api_key,
> user.secret_key, user.created, user.removed, user.timezone,
> user.registration_token, user.is_registered,
> user.incorrect_login_attempts, account.account_name, account.type,
> account.domain_id, account.state FROM user INNER JOIN account ON
> user.account_id=account.id  WHERE user.username = _binary'admin'  AND
> account.domain_id = 1  AND user.removed IS NULL  ORDER BY RAND() LIMIT
> 1
> at 
> com.cloud.utils.db.GenericDaoBase.searchIncludingRemoved(GenericDaoBase.java:417)
> at 
> com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
> at 
> com.cloud.utils.db.GenericDaoBase.searchIncludingRemoved(GenericDaoBase.java:350)
> at 
> com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
> at 
> com.cloud.utils.db.GenericDaoBase.findOneIncludingRemovedBy(GenericDaoBase.java:860)
> at 
> com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
> at 
> com.cloud.utils.db.GenericDaoBase.findOneBy(GenericDaoBase.java:871)
> at 
> com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
> at 
> com.cloud.user.dao.UserAccountDaoImpl.getUserAccount(UserAccountDaoImpl.java:50)
> at 
> com.cloud.utils.component.ComponentInstantiationPos

fail to login after recovery Cloud MySQL database.

2013-08-26 文章 
Cloudstack 4.1.1 (upgrade from 4.0.2)

i want to try back and recovery Database.after than i can not login

what i did
(1)service cloudstack-management stop
(2)mysqldump -u root -p cloud > cloudstack-backup.sql
(3)cloudstack-setup-databases cloud:password@localhost \
--deploy-as=root:password \
-i 192.168.230.2
(4)mysqldump -u root -p cloud < cloudstack-backup.sql
   also try way from phpmyadmin
(5)cloudstack-setup-management
(6) service cloudstack-management start

i know i did a very very stupid thing~.. pls help me to recovery back.

Thanks a lot.

when i do this, i can login, but no old config.
# cloudstack-setup-databases cloud:password@localhost \
--deploy-as=root:password \
-i 192.168.230.2


##  some  erro when start, but service is running ##

2013-08-26 23:52:24,807 DEBUG [utils.script.Script] (Timer-1:null)
Classpath resource:
file:/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/vm/systemvm/injectkeys.sh
2013-08-26 23:52:24,807 DEBUG [utils.script.Script] (Timer-1:null)
Absolute path =
/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/scripts/vm/systemvm/injectkeys.sh
2013-08-26 23:52:24,840 DEBUG [utils.crypt.DBEncryptionUtil]
(Timer-1:null) Error while decrypting: Z/fQVh0fDAljHblryB00Kg==

## when i want to login after recovery backup mysql ##

2013-08-26 23:57:24,019 DEBUG [cloud.api.ApiServlet]
(catalina-exec-8:null) ===START===  192.168.123.28 -- GET
command=listCapabilities&response=json&sessionkey=null&_=1377536243369
2013-08-26 23:57:24,072 DEBUG [cloud.api.ApiServlet]
(catalina-exec-8:null) ===END===  192.168.123.28 -- GET
command=listCapabilities&response=json&sessionkey=null&_=1377536243369
2013-08-26 23:57:27,417 DEBUG [cloud.api.ApiServlet]
(catalina-exec-5:null) ===START===  192.168.123.28 -- POST  null
2013-08-26 23:57:27,434 DEBUG [cloud.user.AccountManagerImpl]
(catalina-exec-5:null) Attempting to log in user: admin in domain 1
2013-08-26 23:57:27,435 DEBUG [server.auth.MD5UserAuthenticator]
(catalina-exec-5:null) Retrieving user: admin
2013-08-26 23:57:27,463 DEBUG [utils.crypt.DBEncryptionUtil]
(catalina-exec-5:null) Error while decrypting:
9pzEBgPyi47AVs1+H3s//innPpGJ094Ds17ytVDJiOzL81fpGa8n+TZkdUkNQSsfFQfK3IFOMguXR1pLZGHg79Vwekg1ljTmj1F+5qemLvX6P5Rv+ajEmajh0AjUVCY3
2013-08-26 23:57:27,476 ERROR [cloud.api.ApiServlet]
(catalina-exec-5:null) unknown exception writing api response
com.cloud.utils.exception.CloudRuntimeException: Caught:
com.mysql.jdbc.JDBC4PreparedStatement@371c1463: SELECT user.id,
user.username, user.password, user.firstname, user.lastname,
user.account_id, user.email, user.state, user.api_key,
user.secret_key, user.created, user.removed, user.timezone,
user.registration_token, user.is_registered,
user.incorrect_login_attempts, account.account_name, account.type,
account.domain_id, account.state FROM user INNER JOIN account ON
user.account_id=account.id  WHERE user.username = _binary'admin'  AND
account.domain_id = 1  AND user.removed IS NULL  ORDER BY RAND() LIMIT
1
at 
com.cloud.utils.db.GenericDaoBase.searchIncludingRemoved(GenericDaoBase.java:417)
at 
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at 
com.cloud.utils.db.GenericDaoBase.searchIncludingRemoved(GenericDaoBase.java:350)
at 
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at 
com.cloud.utils.db.GenericDaoBase.findOneIncludingRemovedBy(GenericDaoBase.java:860)
at 
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at com.cloud.utils.db.GenericDaoBase.findOneBy(GenericDaoBase.java:871)
at 
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at 
com.cloud.user.dao.UserAccountDaoImpl.getUserAccount(UserAccountDaoImpl.java:50)
at 
com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
at 
com.cloud.server.auth.MD5UserAuthenticator.authenticate(MD5UserAuthenticator.java:49)
at 
com.cloud.user.AccountManagerImpl.getUserAccount(AccountManagerImpl.java:1912)
at 
com.cloud.user.AccountManagerImpl.authenticateUser(AccountManagerImpl.java:1784)
at com.cloud.api.ApiServer.loginUser(ApiServer.java:766)
at com.cloud.api.ApiServlet.processRequest(ApiServlet.java:210)
at com.cloud.api.ApiServlet.doPost(ApiServlet.java:71)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at 
org.apache.

How is Cloudstack work with Active Directory

2013-08-24 文章 
Cloudstack4.1.1
(1). i create same user: dota on Active Directory and CS
(2). i have test ldap query by binddn cn=dota,ou=member,dc=lab,dc=com,
it is ok,so active directory ldap is ready.
(3). have two user under  ou=member, dc=lab,dc=com: dota , csuser01
(4). enable integration.api.port =8096, and restart CS-mangement

Q1:  from the CS log, ldap server configed, but IE response  false,
what is correct information?

Q2: how many user should be created on both Active Directory and CS ?
or only one for ldap config,   active directory create other user just
for CS use

Q3: what will change in UI when ldap config success? can see  users
imported from Active Directory ? can use csuser01 to login CS ?(i try
log in  but failure)


http://192.168.230.2:8096/client/api?command=ldapConfig&hostname=192.168.123.61&searchbase=OU%3Dmember%2CDC%3Dlab%2CDC%3Dcom&queryfilter=%28%26%28disPlayname%3D%25u%29%29&binddn=CN%3Ddota%2COU%3Dmember%2CDC%3Dlab%2CDC%3Dcom&bindpass=123@lab&port=389&response=json

### Got  this response:#
{ "ldapconfigresponse" :  { "ldapconfig" :
{"hostname":"192.168.123.61","port":"false","searchbase":"OU=member,DC=lab,DC=com","queryfilter":"(&(disPlayname=%u))","binddn":"CN=dota,OU=member,DC=lab,DC=com"}
}  }

###  CS log  #
2013-08-24 21:10:44,453 DEBUG
[cloud.configuration.ConfigurationManagerImpl] (ApiServer-4:null) The
ldap server is configured: 192.168.123.61

 other thing i checked ##
(1) in CS4.1.1 ,sharedFunctions.js  , var md5HashedLogin = fals
(2) when create dota in CS, "Network Domain" i put lab.com, username i put dota

how to use Private Gateway in VPC on CS4.1.1

2013-08-23 文章 
Environment :
cs-mgt:
eth1: 192.168.230.2

xen01:
eth1: 192.168.230.11
eth2: public+guest   (guest network:192.168.30.0/24  public: 192.168.240.0)
eth3: 192.168.250.11

xen01:
eth1: 192.168.230.12
eth2: public+guest  (guest network:192.168.30.0/24 public: 192.168.240.0 )
eth3: 192.168.250.12

 VPC network 172.16.0.0/16
 tier01 172.16.0.1/24.
 tier02 172.16.1.1/24

tier network ACLs   ingress, egress TCP/UDP all
allowed configed

i create on Private gateway like this:

Physical Network: i chose eth2
IP Address: 192.168.20.9
Gateway: 192.168.20.10
   (i am not sure what gateway should be,i put the another side router IP )
Netmask: 255.255.255.0
VLAN: 20

#>  what i want to do , private way should have this function, am i right?

VPC vms<=>  Prv GTW <=> Another Router  <=> sub net
(172.16.0.0/24   192.168.20.9192.168.20.10 192.168.80.0
172.16.1.0/24)

i add static route in Prv GTW ,192.168.80.0..

Could someone give some favor to make me workout? Many thanks!

 information on VPC vrouter
root@r-166-VM:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
192.168.240.0   0.0.0.0 255.255.255.0   U 0  00 eth1
192.168.20.00.0.0.0 255.255.255.0   U 0  00 eth4
172.16.0.0  0.0.0.0 255.255.255.0   U 0  00 eth2
172.16.1.0  0.0.0.0 255.255.255.0   U 0  00 eth3
169.254.0.0 0.0.0.0 255.255.0.0 U 0  00 eth0
0.0.0.0 192.168.240.1   0.0.0.0 UG0  00 eth1

root@r-166-VM:~# ip route show table static_route
192.168.80.0/24 via 192.168.20.10 dev eth4

  VPCvrouter  can ping 192.168.20.10  #
root@r-166-VM:~# ping 192.168.20.10
PING 192.168.20.10 (192.168.20.10): 56 data bytes
64 bytes from 192.168.20.10: icmp_seq=0 ttl=64 time=5.835 ms
64 bytes from 192.168.20.10: icmp_seq=1 ttl=64 time=1.135 ms
^C--- 192.168.20.10 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.135/3.485/5.835/2.350 ms

   VPCvrouter  can not ping 192.168.80.1
root@r-166-VM:~# ping 192.168.80.1
PING 192.168.80.1 (192.168.80.1): 56 data bytes
^C--- 192.168.80.1 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

   VPC vm  can ping 192.168.20.9
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.9
PING 192.168.20.9 (192.168.20.9) 56(84) bytes of data.
64 bytes from 192.168.20.9: icmp_seq=1 ttl=64 time=0.788 ms
64 bytes from 192.168.20.9: icmp_seq=2 ttl=64 time=0.526 ms
64 bytes from 192.168.20.9: icmp_seq=3 ttl=64 time=1.22 ms
--- 192.168.20.9 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.526/0.845/1.221/0.286 ms

   VPC vm  can not ping 192.168.20.10
[root@d911668f-d56b-48bc-ae23-c5d2f6a214a9 ~]# ping 192.168.20.10
PING 192.168.20.10 (192.168.20.10) 56(84) bytes of data.
--- 192.168.20.10 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3004ms

vm with Cloudstack+openvswitch+KVM can not access extranal network, can ping gateway

2013-08-22 文章 
vm with openvswitch+KVM can not access extranal network, can ping gateway

Cloudstack4.1.1
A: one kvm host ubuntu12.04 with openvswitch,
B:  xen server6.0,
C: one kvm host centos with openvswitch

in cloudstack have two network.
Guestvlan301 Isolated 192.168.31.0/24 ,Egress rule,   0.0.0.0/0 all
Guestvlan300 Isolated  192.168.31.0/24  ,Egress rule,   0.0.0.0/0 all


①:vrouter301 run on Xen,   Public IP Address 192.168.240.54 Guest IP
Address 192.168.31.1
   vm in vlan301 ,can ping gateway 192.168.31.1 and can access
internet. vm can run on kvm or xen, both ok.

②:vronter300 run on Kvm with openvswitch,   Public IP Address
192.168.240.53 Guest IP Address 192.168.30.1
   vm in vlan300 ,can ping gateway 192.168.30.1, but can not access
internet.  vrouter can access internet.

how to make vm under kvm+openvswitch to access outside network and internet


[root@centos-kvm01 libvirt]# ovs-vsctl show
7cb5f505-7ac1-4403-9f9d-101882ed7bad
Bridge kvmmgt
Port kvmmgt
Interface kvmmgt
type: internal
Port "eth0"
Interface "eth0"
Bridge "cloudbr0"
Port "cloudbr0"
Interface "cloudbr0"
type: internal
Port "eth1"
Interface "eth1"   ## Eth1 uplink port is Esxi
vswitch in promiscuous mode,  Xen server Eth1 uplink this too, can
work fine ; Kvm use native bridge work fine too.
Port "vnet3"
tag: 240
Interface "vnet3"
Port "vnet0"
tag: 301
Interface "vnet0"
Port "vnet1"
tag: 300
Interface "vnet1"
Port "vnet4"
tag: 240
Interface "vnet4"
Bridge "cloud0"
Port "cloud0"
Interface "cloud0"
type: internal
Port "vnet2"
Interface "vnet2"
Bridge storage
Port "eth2"
Interface "eth2"
Port storage
Interface storage
type: internal
ovs_version: "1.10.0"


i do the test,
  one VM 192.168.30.90  run  ping 192.168.123.1
  vrouter 192.168.30.1(outside IP 192.168.240.53 vlan 240)  run  ping
www.google.com

[root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 30.90

in_port(9),eth(src=02:00:07:94:00:09,dst=02:00:3c:30:00:06),eth_type(0x0806),arp(sip=192.168.30.1,tip=192.168.30.90,op=2,sha=02:00:07:94:00:09,tha=02:00:3c:30:00:06),
packets:0, bytes:0, used:never, actions:push_vlan(vid=300,pcp=0),5
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=63,frag=no),icmp(type=8,code=0),
packets:5855, bytes:573790, used:0.810s,
actions:push_vlan(vid=240,pcp=0),5
in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.30.90,tip=192.168.30.1,op=1,sha=02:00:3c:30:00:06,tha=00:00:00:00:00:00)),
packets:0, bytes:0, used:never, actions:pop_vlan,9
in_port(5),eth(src=02:00:3c:30:00:06,dst=02:00:07:94:00:09),eth_type(0x8100),vlan(vid=300,pcp=0),encap(eth_type(0x0800),ipv4(src=192.168.30.90,dst=192.168.123.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)),
packets:5855, bytes:597210, used:0.809s, actions:pop_vlan,9

##   actions:push_vlan(vid=240,pcp=0),5  ,  this is maybe have
some problem !!!  is it??




[root@centos-kvm01 ~]# ovs-dpctl dump-flows |grep 240.53
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0800),ipv4(src=192.168.240.53,dst=74.125.128.105,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0),
packets:6167, bytes:604366, used:0.486s,
actions:push_vlan(vid=240,pcp=0),5
in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0806),arp(sip=192.168.240.1,tip=192.168.240.53,op=1,sha=00:50:56:97:5c:55,tha=00:00:00:00:00:00)),
packets:0, bytes:0, used:never, actions:pop_vlan,11
in_port(5),eth(src=00:50:56:97:5c:55,dst=06:28:b6:00:01:20),eth_type(0x8100),vlan(vid=240,pcp=0),encap(eth_type(0x0800),ipv4(src=74.125.128.105,dst=192.168.240.53,proto=1,tos=0,ttl=49,frag=no),icmp(type=0,code=0)),
packets:6059, bytes:618018, used:0.450s, actions:pop_vlan,11
in_port(11),eth(src=06:28:b6:00:01:20,dst=00:50:56:97:5c:55),eth_type(0x0806),arp(sip=192.168.240.53,tip=192.168.240.1,op=2,sha=06:28:b6:00:01:20,tha=00:50:56:97:5c:55),
packets:0, bytes:0, used:never, actions:push_vlan(vid=240,pcp=0),5

Re: Fail to create Instance in VPC on CS4.1.1

2013-08-22 文章 
Thank you very much.
i search "Unable to allocate vnet as a part of network" and find this link
http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201205.mbox/%3ccah-3_gn8fe_dfxq9ayq-1khwn0j+z6fu6nutzdfh3wn8mdn...@mail.gmail.com%3E

i change the Guest network Vlan rang from 300 to 301(both use,
cloudstack alert guest vlan is full ,but can use) ,extend it 300 to
399.  then create instance sucess.
but i did not see new network create,  VPC did not create guest network .

could you explain to me or give me some guide to understand it?

many thanks
Best wish!

2013/8/23 Chiradeep Vittal :
> This might be the problem:
> 2013-08-23 00:30:29,942 INFO  [cloud.vm.VirtualMachineManagerImpl]
> (Job-Executor-64:job-299) Insufficient capacity
> com.cloud.exception.InsufficientVirtualNetworkCapcityException: Unable
> to allocate vnet as a part of network Ntwk[207|Guest|11] implement
> Scope=interface com.cloud.dc.DataCenter; id=1
>
>
>
> On 8/22/13 10:51 AM, "不坏阿峰"  wrote:
>
>>cs-mgt:
>>eth1: 192.168.230.2
>>
>>xen01:
>>eth1: 192.168.230.11
>>eth2: public+guest   (guest network:192.168.30.0/24  )
>>eth3: 192.168.250.11
>>
>>xen01:
>>eth1: 192.168.230.12
>>eth2: public+guest  (guest network:192.168.30.0/24  )
>>eth3: 192.168.250.12
>>
>>Adv net, can work.
>>
>>I want to try VPC ,i have create VPC network 172.16.0.0/16 and tier
>>172.16.0.1/24.   tier network ACLs   ingress, egress TCP/UDP all
>>allowed configed
>>
>>VPC router have started and i check from console , it can access
>>internet and can access storage and cs.
>>
>>but fail to create vm in tier of VPC.
>>
>>#   LOG #
>>2013-08-23 00:30:29,544 DEBUG [cloud.api.ApiServlet]
>>(catalina-exec-17:null) ===START===  192.168.123.28 -- GET
>>command=deployVirtualMachine&zoneId=6ad1fb5e-8a4b-42b7-83f2-863c1b3fda4a&t
>>emplateId=bd1a8e6a-b66f-4484-afcb-2af22890cff6&hypervisor=XenServer&servic
>>eOfferingId=fbf29251-423f-496c-8edb-32b9362c31ab&networkIds=d277c139-f896-
>>443a-a8cc-c74dcb5f92df&response=json&sessionkey=c%2FLK7Wzuq4ia5cxurIMYWevC
>>UkM%3D&_=1377192613840
>>2013-08-23 00:30:29,554 DEBUG [cloud.api.ApiDispatcher]
>>(catalina-exec-17:null) InfrastructureEntity name
>>is:com.cloud.offering.ServiceOffering
>>2013-08-23 00:30:29,556 DEBUG [cloud.api.ApiDispatcher]
>>(catalina-exec-17:null) ControlledEntity name
>>is:com.cloud.template.VirtualMachineTemplate
>>2013-08-23 00:30:29,560 DEBUG [cloud.api.ApiDispatcher]
>>(catalina-exec-17:null) ControlledEntity name
>>is:com.cloud.network.Network
>>2013-08-23 00:30:29,574 DEBUG [cloud.network.NetworkModelImpl]
>>(catalina-exec-17:null) Service SecurityGroup is not supported in the
>>network id=207
>>2013-08-23 00:30:29,584 DEBUG [cloud.vm.UserVmManagerImpl]
>>(catalina-exec-17:null) Allocating in the DB for vm
>>2013-08-23 00:30:29,599 DEBUG [cloud.vm.VirtualMachineManagerImpl]
>>(catalina-exec-17:null) Allocating entries for VM:
>>VM[User|b5e2d457-5294-4c7d-adbc-2398e21fe621]
>>2013-08-23 00:30:29,600 DEBUG [cloud.vm.VirtualMachineManagerImpl]
>>(catalina-exec-17:null) Allocating nics for
>>VM[User|b5e2d457-5294-4c7d-adbc-2398e21fe621]
>>2013-08-23 00:30:29,601 DEBUG [cloud.network.NetworkManagerImpl]
>>(catalina-exec-17:null) Allocating nic for vm
>>VM[User|b5e2d457-5294-4c7d-adbc-2398e21fe621] in network
>>Ntwk[207|Guest|11] with requested profile
>>NicProfile[0-0-null-null-null
>>2013-08-23 00:30:29,617 DEBUG [cloud.network.NetworkModelImpl]
>>(catalina-exec-17:null) Service SecurityGroup is not supported in the
>>network id=207
>>2013-08-23 00:30:29,618 DEBUG [cloud.vm.VirtualMachineManagerImpl]
>>(catalina-exec-17:null) Allocaing disks for
>>VM[User|b5e2d457-5294-4c7d-adbc-2398e21fe621]
>>2013-08-23 00:30:29,629 DEBUG [cloud.vm.VirtualMachineManagerImpl]
>>(catalina-exec-17:null) Allocation completed for VM:
>>VM[User|b5e2d457-5294-4c7d-adbc-2398e21fe621]
>>2013-08-23 00:30:29,629 DEBUG [cloud.vm.UserVmManagerImpl]
>>(catalina-exec-17:null) Successfully allocated DB entry for
>>VM[User|b5e2d457-5294-4c7d-adbc-2398e21fe621]
>>2013-08-23 00:30:29,651 DEBUG [cloud.network.NetworkModelImpl]
>>(catalina-exec-17:null) Service SecurityGroup is not supported in the
>>network id=207
>>2013-08-23 00:30:29,657 DEBUG [cloud.network.NetworkModelImpl]
>>(catalina-exec-17:null) Service SecurityGroup is not supported in the
>>network id=207
>>2013-08-23 00:30:29,674 DEBUG [cloud.async.AsyncJobManagerImpl]
>>(catalina-exec-17:null)

Re: guest host cannot access internet, but ssvm,vrouter can

2013-08-21 文章 
多谢,果然是Egress rules,添加了,可以了访问了。应该是4.1.1 新增的。

在 2013年8月21日下午9:55,不坏阿峰  写道:
> 没明白,能具体点么?  网络里面已经
> Guestvlan301 admin   Isolated   192.168.31.0/24。
>
> 我使用的是高级网络, Egress rules 需要设置吗?  防火墙和端口转发,配置是映射内网出去了。 我未升级前4.0.2
> 是有用过,升级到4.1.1 应该不影响。
> 多谢
>
> 2013/8/21 Fan Lei :
>> 设置问题,首页,网络点进去找吧
>> 在 2013-8-21 下午8:26,"不坏阿峰" 写道:
>>
>>> guest host cannot access internet, but ssvm,vrouter can
>>> Cloudstack4.1.1(upgrade from 4.0.2),  one kvm host ubuntu12.04 ,two xen
>>> advanced  network
>>>
>>> ssvm,console proxy vm,vrouter can access internet.
>>> guest host <=> vrouter ,ok
>>> guest 1 <=> guest 2 in same vlan ,ping ok.guest 1 on kvm host,
>>> guest 2 on xen
>>>
>>> but guest 1 and 2 can not access internet.
>>>
>>> could you give some guide.
>>>

Re: guest host cannot access internet, but ssvm,vrouter can

2013-08-21 文章 
没明白,能具体点么?  网络里面已经
Guestvlan301 admin   Isolated   192.168.31.0/24。

我使用的是高级网络, Egress rules 需要设置吗?  防火墙和端口转发,配置是映射内网出去了。 我未升级前4.0.2
是有用过,升级到4.1.1 应该不影响。
多谢

2013/8/21 Fan Lei :
> 设置问题,首页,网络点进去找吧
> 在 2013-8-21 下午8:26,"不坏阿峰" 写道:
>
>> guest host cannot access internet, but ssvm,vrouter can
>> Cloudstack4.1.1(upgrade from 4.0.2),  one kvm host ubuntu12.04 ,two xen
>> advanced  network
>>
>> ssvm,console proxy vm,vrouter can access internet.
>> guest host <=> vrouter ,ok
>> guest 1 <=> guest 2 in same vlan ,ping ok.guest 1 on kvm host,
>> guest 2 on xen
>>
>> but guest 1 and 2 can not access internet.
>>
>> could you give some guide.
>>

guest host cannot access internet, but ssvm,vrouter can

2013-08-21 文章 
guest host cannot access internet, but ssvm,vrouter can
Cloudstack4.1.1(upgrade from 4.0.2),  one kvm host ubuntu12.04 ,two xen
advanced  network

ssvm,console proxy vm,vrouter can access internet.
guest host <=> vrouter ,ok
guest 1 <=> guest 2 in same vlan ,ping ok.guest 1 on kvm host,
guest 2 on xen

but guest 1 and 2 can not access internet.

could you give some guide.

Cloudstack 4.1+Centos6.4 KVM host 添加RBD ceph主存储失败

2013-08-19 文章 
环境情况:
Cloudstack 4.1.1,   Ceph 0.6.1.7, Qemu 0.12.1.2-2.355 with RBD enable

I have added ceph RBD as primary successfully with ubuntu 12.04 kvm.
but fail on centos 6.4 kvm host  in cloudstack.

以下是在centos kvm host上的部分测试,可以通过rbd访问ceph
 [root@centos-kvm01 ~]# qemu-img -v | grep rbd
Supported formats: raw cow qcow vdi vmdk cloop dmg bochs vpc vvfat
qcow2 qed parallels nbd blkdebug host_cdrom host_floppy host_device
file rbd

 [root@centos-kvm01 ~]#  rbd -m 192.168.250.15 -p volumes ls
08b376f0-5af4-4b46-b41e-d83dc0f93a70
1e9f8d76-94d9-4d56-a8a6-fdff32ba9d1b
b0f7fae3-716b-4210-a89d-af63c6e30859

[root@centos-kvm01 ~]#  rados lspools
data
metadata
rbd
volumes
cloudstack

[root@centos-kvm01 ~]# rbd create test --size 4096
[root@centos-kvm01 ~]# rbd ls
test

以下是cloudstack的日志
2013-08-19 17:28:25,683 DEBUG [agent.transport.Request]
(AgentManager-Handler-9:null) Seq 26-368640010: Processing:  { Ans: ,
MgmtId: 345050143793, via: 26, Ver: v1, Flags: 10,
[{"Answer":{"result":false,"details":"java.lang.NullPointerException\n\tat
com.cloud.hypervisor.kvm.storage.LibvirtStorageAdaptor.createStoragePool(LibvirtStorageAdaptor.java:540)\n\tat
com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager.createStoragePool(KVMStoragePoolManager.java:111)\n\tat
com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager.createStoragePool(KVMStoragePoolManager.java:104)\n\tat
com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.execute(LibvirtComputingResource.java:2304)\n\tat
com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.executeRequest(LibvirtComputingResource.java:1094)\n\tat
com.cloud.agent.Agent.processRequest(Agent.java:525)\n\tat
com.cloud.agent.Agent$AgentRequestHandler.doTask(Agent.java:852)\n\tat
com.cloud.utils.nio.Task.run(Task.java:83)\n\tat
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)\n\tat
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)\n\tat
java.lang.Thread.run(Thread.java:679)\n","wait":0}}] }
2013-08-19 17:28:25,683 DEBUG [agent.transport.Request]
(catalina-exec-1:null) Seq 26-368640010: Received:  { Ans: , MgmtId:
345050143793, via: 26, Ver: v1, Flags: 10, { Answer } }
2013-08-19 17:28:25,683 DEBUG [agent.manager.AgentManagerImpl]
(catalina-exec-1:null) Details from executing class
com.cloud.agent.api.ModifyStoragePoolCommand:
java.lang.NullPointerException
at 
com.cloud.hypervisor.kvm.storage.LibvirtStorageAdaptor.createStoragePool(LibvirtStorageAdaptor.java:540)
at 
com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager.createStoragePool(KVMStoragePoolManager.java:111)
at 
com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager.createStoragePool(KVMStoragePoolManager.java:104)
at 
com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.execute(LibvirtComputingResource.java:2304)
at 
com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.executeRequest(LibvirtComputingResource.java:1094)
at com.cloud.agent.Agent.processRequest(Agent.java:525)
at com.cloud.agent.Agent$AgentRequestHandler.doTask(Agent.java:852)
at com.cloud.utils.nio.Task.run(Task.java:83)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:679)

2013-08-19 17:28:25,689 WARN  [cloud.storage.StorageManagerImpl]
(catalina-exec-1:null) Unable to establish a connection between
Host[-26-Routing] and Pool[207|RBD]
com.cloud.exception.StorageUnavailableException: Resource
[StoragePool:207] is unreachable: Unable establish connection from
storage head to storage pool 207 due to java.lang.NullPointerException
at 
com.cloud.hypervisor.kvm.storage.LibvirtStorageAdaptor.createStoragePool(LibvirtStorageAdaptor.java:540)
at 
com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager.createStoragePool(KVMStoragePoolManager.java:111)
at 
com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager.createStoragePool(KVMStoragePoolManager.java:104)
at 
com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.execute(LibvirtComputingResource.java:2304)
at 
com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.executeRequest(LibvirtComputingResource.java:1094)
at com.cloud.agent.Agent.processRequest(Agent.java:525)
at com.cloud.agent.Agent$AgentRequestHandler.doTask(Agent.java:852)
at com.cloud.utils.nio.Task.run(Task.java:83)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:679)
at 
com.cloud.storage.StorageManagerImpl.connectHostToSharedPool(StorageManagerImpl.java:1637)
at 
com.cloud.storage.StorageManagerImpl.createPool(StorageManagerImpl.java:1402)
at 
com.cloud.storage.StorageManagerI

BasiceZone模式下SSVM, 创建的实力VM都不能ping 网关

2013-07-26 文章 
CS-mg 和kvm host在同一台OS上, 192.168.123.108
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet manual

# Public network
auto cloudbr0
iface cloudbr0 inet static
   address 192.168.123.108
   netmask 255.255.255.0
   gateway 192.168.123.1
   bridge_ports eth0
   bridge_fd 5
   bridge_stp off
   bridge_maxwait 1
   dns-nameservers 192.168.123.61 192.168.123.1
   dns-domain lab.com

# Private network
auto cloudbr1
iface cloudbr1 inet manual
   bridge_ports eth0
   bridge_fd 5
   bridge_stp off
   bridge_maxwait 1

添加Zone时 使用基本网络模式
管理:  KVM 流量标签 cloudbr0
提供点网关  网络掩码  起始 IP   结束 IP
Pod1  192.168.123.1 255.255.255.0 192.168.123.200 192.168.123.239
来宾:  KVM 流量标签 cloudbr0
Pod1 192.168.123.1 255.255.255.0 192.168.123.240 192.168.123.250
存储:KVM 流量标签 cloudbr0
Pod1 192.168.123.1 255.255.255.0 1(vlan) 192.168.123.108 192.168.123.150

3、简单做如下测试
(1)、看SSVM、CPVM能不能创建成功。
   SSVM, CPVM 都是running。 可以通过 ssh 3922 上去
(2)、登录SSVM、CPVM系统里ping  网关,DNS,外网是否通 。
   ping 网关和DNS 不通
root@s-1-VM:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse
Iface
192.168.123.0   0.0.0.0 255.255.255.0   U 0  00 eth1
192.168.123.0   0.0.0.0 255.255.255.0   U 0  00 eth2
192.168.123.0   0.0.0.0 255.255.255.0   U 0  00 eth3
169.254.0.0 0.0.0.0 255.255.0.0 U 0  00 eth0
0.0.0.0 192.168.123.1   0.0.0.0 UG0  00 eth2

因为发现SSVM不通, 导入ISO一直也都成功;也无法下载自带的CentOS 5.5(64-bit) no GUI (KVM), 提示Unable
to resolve download.cloud.com.   我想原因是一样的, 就是SSVM的eth2
192.168.123.240(跟puclic打交道的网络不通)。
然后我就用cs-mg自身搭建http,导入成功ISO,并安装了一个实例 获取的IP是192.168.123.241,也是无法ping通过网关
192.168.123.1 、DNS和外网的。
因此就导致很多问题
(1)无法访问cs-mg 网络和外网,也就无法下载ISO和模板。

求解。

Re: 【请教】cloudstack 网络应该如何规划、如何配置、如何检验网络是符合要求的;

2013-07-25 文章 
能帮忙给个比较详细的例子吗?参考了网上不少文章,都没有把网络拓扑讲清楚,  实在困惑太久了。  还求专家帮忙指导完成第一次的部署测试。感激不尽!

我现在用ros 建立了以下网关 来作为路由
eth2 192.168.230.1  -》 交换机 G 0/0/2   vlan 230
eth3 192.168.240.1  -》 交换机 G 0/0/14 vlan 240
 eth4 192.168.250.1 -》 交换机 G 0/0/23 vlan 250

(1)cs-mg 几块网卡? 一块?  192.168.230.10
(2)kvm01 两块还是几块网卡?  如何连接网线呢?
(3)如果是两块网卡, eth1  192.168.230.11   eth2 如何配置?
(4)搭建好,如何测试整个网络是正确的?


在 2013年7月24日下午10:18,leifan8440 写道:

> 你从一开始就错了
> cs-mg只是管理端,能连host就行
> 加zone的时候配置的管理、public、guest流量标签,在host上要有对应名字的网桥
> 交换机上要配置好guest流量用的vlan段,网桥对应的物理网卡连的交换机口要根据流量的配置不同设成trunk或access
>
>
>
>
>
>
> leifan8440
>
> 发件人: 不坏阿峰
> 发送时间: 2013-07-25 12:53
> 收件人: users-cn
> 主题: 【请教】cloudstack 网络应该如何规划、如何配置、如何检验网络是符合要求的;
> cloudstack 4.0 ,ubuntu12.04 的环境, 不管使用basice 和advanced网络模式,都是svm
> 系统虚拟机都可以启动,就是虚拟机无法访问cs-mg;
> cs-mg:
>
> eth1: 192.168.230.10   想作为管理网
> eth2: 192.168.240.10   想作为public
> eth3: 192.168.250.10   想作为private
>
>
> kvm01:
> eth1: 192.168.230.11
> eth2: 192.168.240.11
> eth3: 192.168.250.11
>
> 将kvm01 添加到cloudstack后,kvm的网络配置就变成了这个样子。
> # The primary network interface
> auto eth0
>
> iface eth0 inet manual
>   auto cloudbr0
>   iface cloudbr0 inet static
>   bridge_ports eth0
>
> address 192.168.230.11
> netmask 255.255.255.0
> gateway 192.168.230.1
> dns-nameservers 192.168.123.61 192.168.123.1
> dns-domain lab.com
>
> auto eth1
> iface eth1 inet static
> address 192.168.240.11
> netmask 255.255.255.0
> gateway 192.168.240.1
> dns-nameservers 192.168.123.61 192.168.123.1
> dns-domain lab.com
>
> auto eth2
> iface eth2 inet static
> address 192.168.250.11
> netmask 255.255.255.0
> gateway 192.168.250.1
> dns-nameservers 192.168.123.61 192.168.123.1
> dns-domain lab.com
>
> svm虚拟机的变成这样;
> 公用 IP 地址 192.168.250.168
> 专用 IP 地址 192.168.230.68
> 链接本地 IP 地址  169.254.2.28
>
> 从kvm01访问svm ssh -i .ssh/id_rsa.cloud -p 3922
>  169.254.2.28;登陆到svm后,无法访问cs-mg;   导入iso 也一直状态ready no;
>
> 想请教下 管理网、public、private 到底是干什么用的,一直搞的很糊涂。如果我只是做实验;
> 应该如何配置网络,一定要桥接么(为啥cs添加kvm后要自己桥接)? 然后如何测试网络配置的是ok的,标准结果是什么;是不是svm 要能访问到cs-mg
> 才算通。
>

【请教】cloudstack 网络应该如何规划、如何配置、如何检验网络是符合要求的;

2013-07-24 文章 
cloudstack 4.0 ,ubuntu12.04 的环境, 不管使用basice 和advanced网络模式,都是svm
系统虚拟机都可以启动,就是虚拟机无法访问cs-mg;
cs-mg:

eth1: 192.168.230.10   想作为管理网
eth2: 192.168.240.10   想作为public
eth3: 192.168.250.10   想作为private


kvm01:
eth1: 192.168.230.11
eth2: 192.168.240.11
eth3: 192.168.250.11

将kvm01 添加到cloudstack后,kvm的网络配置就变成了这个样子。
# The primary network interface
auto eth0

iface eth0 inet manual
  auto cloudbr0
  iface cloudbr0 inet static
  bridge_ports eth0

address 192.168.230.11
netmask 255.255.255.0
gateway 192.168.230.1
dns-nameservers 192.168.123.61 192.168.123.1
dns-domain lab.com

auto eth1
iface eth1 inet static
address 192.168.240.11
netmask 255.255.255.0
gateway 192.168.240.1
dns-nameservers 192.168.123.61 192.168.123.1
dns-domain lab.com

auto eth2
iface eth2 inet static
address 192.168.250.11
netmask 255.255.255.0
gateway 192.168.250.1
dns-nameservers 192.168.123.61 192.168.123.1
dns-domain lab.com

svm虚拟机的变成这样;
公用 IP 地址 192.168.250.168
专用 IP 地址 192.168.230.68
链接本地 IP 地址  169.254.2.28

从kvm01访问svm ssh -i .ssh/id_rsa.cloud -p 3922
 169.254.2.28;登陆到svm后,无法访问cs-mg;   导入iso 也一直状态ready no;

想请教下 管理网、public、private 到底是干什么用的,一直搞的很糊涂。如果我只是做实验;
应该如何配置网络,一定要桥接么(为啥cs添加kvm后要自己桥接)? 然后如何测试网络配置的是ok的,标准结果是什么;是不是svm 要能访问到cs-mg
才算通。