[one-users] Problem with ebtables OpenNebula

Tino Vazquez tinova at opennebula.org
Wed Apr 13 05:31:49 PDT 2011


Hi,

It is recommended to run OpenNebula as a non-root account, please
install the dependencies as oneadmin.

Regards,

-T

--
Constantino Vázquez Blanco, MSc
OpenNebula Major Contributor
www.OpenNebula.org | @tinova79



On Tue, Apr 12, 2011 at 9:10 PM, Leong Marco <leong.chou.kin at usj.edu.mo> wrote:
> Tino,
> I have installed rubygems. However, it is able to run in root, not oneadmin.
> Leong Marco
> leong.chou.kin at usj.edu.mo
>
>
> On Apr 12, 2011, at 5:22 PM, Tino Vazquez wrote:
>
> Hi,
>
> You need to install the rubygems dependency, the process varies
> depending on the linux distro used.
>
> Regards,
>
> -Tino
>
> --
> Constantino Vázquez Blanco, MSc
> OpenNebula Major Contributor
> www.OpenNebula.org | @tinova79
>
>
>
> On Tue, Apr 12, 2011 at 2:17 AM, Leong Marco <leong.chou.kin at usj.edu.mo>
> wrote:
>
> [oneadmin at geek ~]$ ruby -dw /usr/lib/one/mads/one_auth_mad.rb
>
> Exception `LoadError' at /usr/lib/one/mads/one_auth_mad.rb:33 - no such file
>
> to load -- rubygems
>
> /usr/lib/one/mads/one_auth_mad.rb:33:in `require': no such file to load --
>
> rubygems (LoadError)
>
> from /usr/lib/one/mads/one_auth_mad.rb:33
>
> here is the output.
>
> Leong Marco
>
> leong.chou.kin at usj.edu.mo
>
>
> On Apr 11, 2011, at 11:06 PM, Tino Vazquez wrote:
>
> Ok, please try
>
> $ ruby -dw $ONE_LOCATION/lib/mads/one_auth_mad.rb
>
> and send the output
>
> Regards,
>
> -Tino
>
> --
>
> Constantino Vázquez Blanco, MSc
>
> OpenNebula Major Contributor
>
> www.OpenNebula.org | @tinova79
>
>
>
> On Mon, Apr 11, 2011 at 4:59 PM, Leong Marco <leong.chou.kin at usj.edu.mo>
>
> wrote:
>
> Hi,
>
> It return the shell.
>
> Best regards.
>
> Leong Marco
>
> leong.chou.kin at usj.edu.mo
>
>
> On Apr 11, 2011, at 10:54 PM, Tino Vazquez wrote:
>
> Hi,
>
> What happens, does it return the shell, or does it wait for input?
>
> Regards,
>
> -Tino
>
> --
>
> Constantino Vázquez Blanco, MSc
>
> OpenNebula Major Contributor
>
> www.OpenNebula.org | @tinova79
>
>
>
> On Mon, Apr 11, 2011 at 4:49 PM, Leong Marco <leong.chou.kin at usj.edu.mo>
>
> wrote:
>
> Hi Tino,
>
> Thank you for your reply.
>
> This command doesn't produce any output.
>
> Leong Marco
>
> leong.chou.kin at usj.edu.mo
>
>
> On Apr 11, 2011, at 10:20 PM, Tino Vazquez wrote:
>
> Dear Leong,
>
> Please try the following as oneadmin, and send the output:
>
> # $ONE_LOCATION/lib/mads/one_auth_mad
>
> Regards,
>
> .Tino
>
>
> --
>
> Constantino Vázquez Blanco, MSc
>
> OpenNebula Major Contributor
>
> www.OpenNebula.org | @tinova79
>
>
>
> On Mon, Apr 11, 2011 at 3:49 PM, Leong Marco <leong.chou.kin at usj.edu.mo>
>
> wrote:
>
> Dear Tino,
>
> Yes, I did have this error in the log.
>
> Mon Apr 11 15:13:09 2011 [MAD][E]: MAD did not answer INIT command
>
> What is the problem happen here? Thank you for your help !
>
> Leong Marco
>
> leong.chou.kin at usj.edu.mo
>
>
> On Apr 11, 2011, at 8:55 PM, Tino Vazquez wrote:
>
> Dear Leong, Marwen,
>
> If you are experiencing the following in the logs
>
> Fri Apr  8 11:59:05 2011 [MAD][E]: MAD did not answer INIT command
>
> it may be due to a missing dependency, we can walk you on finding out which
>
> one.
>
> Otherwise, please say so and we will look at other possible causes.
>
> Regards,
>
> -Tino
>
> --
>
> Constantino Vázquez Blanco | dsa-research.org/tinova
>
> Virtualization Technology Engineer / Researcher
>
> OpenNebula Toolkit | opennebula.org
>
>
>
> On Mon, Apr 11, 2011 at 9:13 AM, Leong Marco <leong.chou.kin at usj.edu.mo>
>
> wrote:
>
> Hi,
>
> I have the same problem as Marwen. With this log message.
>
> Mon Apr 11 14:50:26 2011 [TM][I]: tm_context.sh: Executed "rm -rf
>
> /var/lib/one/2603e38607a144aef3bef07283d77095".
>
> Mon Apr 11 14:50:26 2011 [LCM][I]: New VM state is BOOT
>
> Mon Apr 11 14:50:26 2011 [VMM][I]: Generating deployment file:
>
> /var/lib/one/165/deployment.1
>
> Mon Apr 11 14:50:28 2011 [LCM][I]: New VM state is RUNNING
>
> Mon Apr 11 14:50:28 2011 [HKM][I]: Hook ebtables-start successfully
>
> executed.
>
> However, if I do a list to ebtables, it is empty.
>
> [oneadmin at geek root]$ sudo ebtables --list
>
> Bridge table: filter
>
> Bridge chain: INPUT, entries: 0, policy: ACCEPT
>
> Bridge chain: FORWARD, entries: 0, policy: ACCEPT
>
> Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
>
> When I run some ebtables command like this one, it works
>
> sudo ebtables -A FORWARD -p IPv4 -j ACCEPT
>
> this does add the rules to the table.
>
> What can I provide to help you to debug this problem?
>
> Leong Marco
>
> leong.chou.kin at usj.edu.mo
>
>
> On Apr 7, 2011, at 9:46 PM, marwen marwen wrote:
>
> Hi Zaina
>
> Yes I added oneadmin in the sudoers file of the physical host where the VM
>
> is allocated.
>
> And when I create the VM I specify the host where the VM will be allocated.
>
> But the problem is not resolved.
>
> Do you think that we must add this command in sudoers file of all cluster
>
> nodes.
>
> oneadmin    ALL=(ALL) NOPASSWD: /sbin/ebtables *
>
> Best regards
>
> Marwen
>
> From: Zaina AFOULKI <zaina.afoulki at ensi-bourges.fr>
>
> To: users at lists.opennebula.org
>
> Subject: Re: [one-users] Problem with ebtables OpenNebula
>
> Message-ID: <4D9CB10C.6080104 at ensi-bourges.fr>
>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Hi Marwen,
>
> Did you make sure that oneadmin is added in the /etc/sudoers file with
>
> oneadmin    ALL=(ALL) NOPASSWD: /sbin/ebtables * ?
>
> http://opennebula.org/documentation:archives:rel2.0:nm
>
> --
>
> Zaina
>
>
> On 04/06/2011 06:40 PM, marwen marwen wrote:
>
> Hi,
>
> I'm using ebtables to isolate virtual network in OpenNebula.
>
> I have a problem when OpenNebula execute ebtables-kvm script.
>
> In fact, the log file mention no error "Wed Apr  6 18:22:02 2011
>
> [HKM][D]:
>
> Message received: EXECUTE SUCCESS 146 ebtables-start".
>
> But there are no rule added to the list rules of ebtables in the
>
> physical
>
> host where the VM is allocated.
>
> ###############################################
>
> sudo ebtables -L
>
> Bridge table: filter
>
> Bridge chain: INPUT, entries: 0, policy: ACCEPT
>
> Bridge chain: FORWARD, entries: 0, policy: ACCEPT
>
> Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
>
> ###############################################
>
> And when I execute manually the script on the worker node, the rules are
>
> added.
>
> In the oned.conf we put this configuration
>
> ###############################################
>
> VM_HOOK = [
>
>     name      = "ebtables-start",
>
>     on        = "running",
>
>     command   = "ebtables-kvm", # or ebtables-xen
>
>     arguments = "one-$VMID",
>
>     remote    = "yes" ]
>
> VM_HOOK = [
>
>     name      = "ebtables-flush",
>
>     on        = "done",
>
>     command   = "ebtables-flush",
>
>     arguments = "",
>
>     remote    = "yes" ]
>
> ###############################################
>
> can you help me to fix this problem
>
> Best Regards
>
> Marwen
>
>
>
>
> _______________________________________________
>
> Users mailing list
>
> Users at lists.opennebula.org
>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
> _______________________________________________
>
> Users mailing list
>
> Users at lists.opennebula.org
>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
> _______________________________________________
>
> Users mailing list
>
> Users at lists.opennebula.org
>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
>
>
>
>
>
>
>
>
>



More information about the Users mailing list