Cannot access running instance from client - Eucalyptus
-
15-03-2021 - |
Pergunta
I have set up a private cloud under ubuntu 10.04 server through eucalyptus packages (v 1.6.1) Here are my configurations CLC,CC,WS3, SC (Frontend) - 10.X.X.29 NC - 10.X.X.30
NTP Configured
Hwinfo - Intel quadcore (Q8300), 500GB, 4GB RAM, VT-x enabled in both the systems
I bundled,uploaded & registered the images which were given under eucalyptus website. (ubuntu 9.04 x86-64bit)
My query is .. I can access (ping & ssh) my running instance only in my frontend. I cannot ping or ssh my instances from my client, but i can see the console output from client nd see the status of my running state vm thro' elastic fox.
euca-describe-images >
IMAGE eri-16D9191E ubuntu-ramdisk-bucket/initrd.img-2.6.28-11-generic.manifest.xml admin available public x86_64 ramdisk instance-store
IMAGE emi-39711602 ubuntu-image-bucket/ubuntu.9-04.x86-64.img.manifest.xmladmin available public x86_64 machine eki-AE6117D9 eri-16D9191E instance-store
IMAGE eki-AE6117D9 ubuntu-kernel-bucket/vmlinuz-2.6.28-11-generic.manifest.xml admin available public x86_64 kernel instance-store
euca-describe-instances >
RESERVATION r-45CA0852 admin default
INSTANCE i-463407D1 emi-39711602 192.168.0.100 172.19.1.2 running key1 0 m1.large 2011-12-09T14:33:44.348Z cluster1 eki-AE6117D9 eri-16D9191E
I can access my instance from the cloud controller. I could not access (ping or ssh) the instances anywhere from the network. The VM is not getting exposed in the network. There is some networking problem associated with the instances, frontend and my client which i couldn't figure out.
Here are my configuration files ..!
Eucalyptus.conf
/eucalyptus/eucalyptus.conf
EUCALYPTUS="/"
EUCA_USER="eucalyptus"
DISABLE_DNS="Y"
DISABLE_ISCSI="Y"
JVM_MEM="512m"
ENABLE_WS_SECURITY="Y"
LOGLEVEL="DEBUG"
VNET_PUBINTERFACE="eth0"
VNET_PRIVINTERFACE="eth0"
VNET_MODE="MANAGED-NOVLAN"
CC_PORT="8774"
SCHEDPOLICY="ROUNDROBIN"
POWER_IDLETHRESH="300"
POWER_WAKETHRESH="300"
NC_SERVICE="axis2/services/EucalyptusNC"
VNET_DHCPDAEMON="/usr/sbin/dhcpd3"
VNET_DHCPUSER="dhcpd"
NODES="10.X.X.30"
VNET_ADDRSPERNET="32"
NC_PORT="8775"
HYPERVISOR="kvm"
MANUAL_INSTANCES_CLEANUP=0
VNET_BRIDGE="br0"
INSTANCE_PATH="/var/lib/eucalyptus/instances/"
eucalyptus.local.conf
VNET_MODE="MANAGED-NOVLAN"
VNET_SUBNET="172.19.0.0"
VNET_NETMASK="255.255.0.0"
VNET_DNS="10.X.X.1"
VNET_ADDRSPERNET="32"
VNET_PUBLICIPS="192.168.0.100-192.168.0.150"
Even after giving authorizations through euca-authorize -P tcp -p 22 -s 0.0.0.0/0 default from my client (end user) ..! I could not access (even ping or ssh) my instance from client ! but i can access the VM in the front end (SSH is working)
euca-describe-groups >
GROUP logskish default default group
GROUP admin eucagroup sample group
GROUP admin default default group
PERMISSION admin default ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
PERMISSION admin default ALLOWS icmp -1 -1 FROM CIDR 0.0.0.0/0
How to over come this problem.
Thanks
Logs
Solução
I would make sure I run the following:
euca-authorize -P icmp -t -1:-1 default euca-authorize -P tcp -p 22 default
Outras dicas
Answer : Dear one yes you have done everything ok: now just check your cloud machine's iptable
#iptables -L
and you can get DROP Policy in Forward chain just remove drop policy and activate forwarding in /etc/sysctl.conf
you can ping and access your vm machines from client side
# iptables -t filter -P FORWARD ACCEPT
now you can ping and ssh your vm from client side