Kimihiko-san,
There is the setup guide in the CloudStack documentation
(http://cloudstack.apache.org/docs/en-US/Apache_CloudStack/4.0.0-incubating/html/CloudStack_Nicira_NVP_Guide/index.html)
. It is a bit outdated and I will try to improve it. It doesn't list the new
layer 3 features present i
Javier,
Can you enable DEBUG mode on the KVM node agent log
(/etc/cloudstack/agent/log4j.xml) and let us know what happens when
you add the host?
What are the packages installed on your KVM agent related to virt?
$ rpm -qa | grep qemu
$ rpm -qa | grep virt
$ rpm -qa | grep cloud
Thanks,
--
P
any ideas? I'm still stuck with this :( .
Is your guest network created on the SRX ?
Is your network offering crated correctly with SRX firewall ?
While crating instance/guest network did you select the SRX firewall network
offering ?
Thanks,
Jayapal
> -Original Message-
> From: Francois Gaudreault [mailto:fgaudrea...@cloudops.c
Hello Vittal,
Here is how I define the vlans.
eth1 - br0
management network 192.168.100.0/24 NO vlan
eth1.1200 - cloudVirBr1200
public network 198.105.xxx.0/24 vlan 1200
eth1.1300 - cloudVirBr1300
guest network 10.1.1.0/24 vlan 1300
I have all in one computer. One NIC for all the 3 tr
Nice. Will have to try it out!
On 5/22/13 12:45 PM, "Simon Liang" wrote:
>Hi,
>
>I wrote a script for Cloudstack 4.0 KVM Hypervisor Host installation.
>This
>will help shorten the installation process. Here is the link to the
>script:
>
>http://simonljb123.wordpress.com/2013/05/22/installation-
It looks like you have defined 3 public vlans all with the same range?
On 5/22/13 2:20 PM, "wq meng" wrote:
>Hello jayapal,
>
>I have reload and reinstalled CS4.02, Still have the problem.
>
>Please see the router vm, why so many ethx?
>
>eth0 is for guest, eth1 is link-local, eth2 should be
Hi Aslan - are you referring to the CloudStack vulnerability announcement
related to authentication bypass we announced in April? (CVE 2013-2756)
If so, to fix the issue you need to upgrade to CloudStack 4.0.2. Do note
there's issues with Ceph on ACS 4.0.2, so if you are using Ceph we'll have to
Hello jayapal,
I have reload and reinstalled CS4.02, Still have the problem.
Please see the router vm, why so many ethx?
eth0 is for guest, eth1 is link-local, eth2 should be the public?
I have tried
iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
Still no luck.
Any problem with my install?
can you attach your script?
On 05/22/2013 03:45 PM, Simon Liang wrote:
Hi,
I wrote a script for Cloudstack 4.0 KVM Hypervisor Host installation. This
will help shorten the installation process. Here is the link to the script:
http://simonljb123.wordpress.
On Wed, May 22, 2013 at 03:45:02PM -0400, Simon Liang wrote:
> Hi,
>
> I wrote a script for Cloudstack 4.0 KVM Hypervisor Host installation. This
> will help shorten the installation process. Here is the link to the script:
>
> http://simonljb123.wordpress.com/2013/05/22/installation-of-cloudst
Hi,
I wrote a script for Cloudstack 4.0 KVM Hypervisor Host installation. This
will help shorten the installation process. Here is the link to the script:
http://simonljb123.wordpress.com/2013/05/22/installation-of-cloudstack-4-0-kvm-hypervisor-host-with-onekey/
Simon
Hi,
In network offering if you select ZONE wide source NAT then source rules are
not configured by cloudstack. Admin/User has to manually select source NAT ip
and configure the source NAT rules.
Ok, thanks for the precision.
When you configure firewall rules, firewall filter rules on srx g
Hello
Are there setup guide for the configuration of Nicira NVP and CloudStack 4.1?
Thanks
Kimi
Yeah what is in master isn't yet perfect. Checkout the dev branch,
which includes lots of new goodness, but needs some eyes for testing.
--David
On Wed, May 22, 2013 at 7:50 AM, Oliver Leach
wrote:
> That is great, looks like it needs some more work but is a good start. I
> didn't know that exi
That is great, looks like it needs some more work but is a good start. I didn't
know that existed - thanks David..
Oliver
--
-Original Message-
From: David Nalley [mailto:da...@gnsa.us]
Sent: Wednesday, May 22, 2013 5:55 AM
To: users@cloudstack.apache.org
Subject: Re: puppet integartio
Hello jayapal,
I downloaded the lastest 4.02 source code. is the 4.02 removed the egress ?
I will try the iptables trick .
Thank you so much.
On Wed, May 22, 2013 at 6:41 PM, Jayapal Reddy Uradi <
jayapalreddy.ur...@citrix.com> wrote:
> In your CS version egress rules feature is not presen
In your CS version egress rules feature is not present.
Thats the reason CS says Unknown API.
I checked your iptables rules also, egress rules default block rules are not
present.
You can ignore the egress firewall rules.
check the in your router is there rule to accept guest traffic to public.
Hello Jayapal
If CS4.02 default is block the VM to access public side, and on the UC ,
there is no link to change it. As you saw, the API have no API Names to
change it too.
How to fix the problem?
I will reload the OS and re-setup CS4.02 again to check if it will fix.
Thank you so muc
Yes,
I add 0.0.0.0/0 ICMP type = -1 and ICMP code = -1, the Public IP of the
Router VM can ping now.
Any idea about the Egress firewall rule problem?
Thank you so much.
On Wed, May 22, 2013 at 6:19 PM, Jayapal Reddy Uradi <
jayapalreddy.ur...@citrix.com> wrote:
>
> You need pining rout
>From VM if you are not able to ping public side then it is your setup issue.
It can be debugged by capturing packets on the router guest interface and
public interface to see wether the packets are reaching to router or not
Thanks,
Jayapal
On 22-May-2013, at 3:49 PM, Jayapal Reddy Uradi
wrot
You need pining router VM public IP from public network/subnet ?
- You need to add icmp firewall rule on the public IP to enable ping request
on the public ip
Thanks,
Jayapal
On 22-May-2013, at 3:45 PM, wq meng
wrote:
> Hello Jayapal
>
> There is no problem to ping Google from the Router
Hello Jayapal
There is no problem to ping Google from the Router VM, Only problem is that
I can not ping the Router VM public IP from outside.
root@r-4-VM:~# ping www.google.com
PING www.google.com (173.194.64.147): 56 data bytes
64 bytes from 173.194.64.147: icmp_seq=0 ttl=48 time=53.194 ms
64 b
Hello Jayapal,
Thanks for the update, I will try that.
And some more information for you.
I have tried the API. createEgressFirewallRule
But it shows "Unknown API command: listEgressFirewallRules" ,
Is it should be do not have the APIs, in 4.0.2.20130521045123 ?
Very confused.
43299
By looking at the iptables rules, there is no egress rules feature in your
deployment.
In your case the issue seems to be different.
Please do the below trouble shooting.
Ping from the guest vm to public subnet/google and try to capture the
packets on the router guest interface and public interfa
Hello Jayapal
I know very little about api yet.
I login to the VRouter VM, Can I change the rules to get work?
On
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Egress+firewall+rules+for+guest+network
It says some Chains , but I can not find them inside my VRouter VM.
=
26 matches
Mail list logo