[one-users] Problem Login/ssh into vm
Alexander Sibetheros
alexsibeth at gmail.com
Fri Dec 20 07:41:36 PST 2013
I tried everything you suggested but nothing seems to work.
The vmhost talks with its vm via virbr0 and the other way around(via ping),
BUT when I run tcpdump -i virbr0 host 192.168.0.32(The vm) and ping from
the vm to the controller, I get:
07:28:29.310158 ARP, Request who-has 192.168.0.20 tell 192.168.0.32, length
28
If I ping google I get
07:28:29.310158 ARP, Request who-has 192.168.0.1 tell 192.168.0.32, length
28
So It cant see my network..
When I try from the controller to ping the vm I get:
7:36:50.675465 ARP, Request who-has 192.168.0.32 tell 192.168.0.20, length
46
07:36:50.679493 ARP, Reply 192.168.0.32 is-at 02:00:c0:a8:00:20 (oui
Unknown), length 28
I have enabled ip_forward with no difference.
I also tried disabling the uwf, but didn't help.
I am certain the problem exists in the vmhost, kvm is doing something
wicked...
Also, when I run a vm, a vnet0 is created on the vmhost, if I disable this
then I can no longer ping vmhost <-->vm. But when I tcpdump the vnet0 its
empty...
Any other ideas I can try?
On Thu, Dec 19, 2013 at 2:12 AM, Jens Hoffmann <jens.hoffmann at cuesoft.eu>wrote:
> Clearly a routing problem. Your controller won't know how to route
> packages that are addressed to your vm instance. Start to use tcpdump -i
> <interface> in companion with ping on all the involved interfaces to
> actually see where the packages go (and where not). Read and understand
> your controllers routing table. You will probably find out that you need to
> add a route to the controller's routing table (probably with route add -net
> <host bridge ip> netmask <host bridge netmask> gw <host ip>). Then see how
> packages arrive at the host. If packages still don't arrive at the bridge,
> tell your hosts network stack to forward packages between its interfaces,
> i.e. with echo 1 > /proc/sys/net/ipv4/ip_forward (in debian; that setting
> will disappear after a reboot; make it persistent in /etc/sysctl.conf).
>
>
> Good luck!
>
>
>
> Jens
>
> --
> gpg --keyserver pgp.mit.edu --recv-keys 0xDB1CAFB5
>
>
>
> On 12/18/2013 11:23 PM, Alexander Sibetheros wrote:
>
> I'm am writing again to clarify I fixed the 1st problem.
> I was trying to ssh from the root at node instead of oneadmin at node(which I
> never used before). I can successfully ssh, change root password :) Thank
> you very much for your ideas.
>
> I am not able to do such from oneadmin at controller though(controller->vm,
> instead of host->vm). Ssh and ping both fail and I don't understand how
> tcpdump works.
> I did find that there is a problem with the way opennebula works with
> ip/mac address of vm's and that a special script is needed to correctly map
> them, but I don't really understand what is going on.
>
> Specifically I found:
> (1)
> http://lists.opennebula.org/pipermail/users-opennebula.org/2011-December/007042.html
>
> "Using the CONTEXT cdrom, the init.sh script in executed at boot time. You
> can modify the init.sh script to set your broadcast address and netmask.
> You can hardcode these values, or pass them as a CONTEXT sub-attribute;
> take a look at the DNS example from the contextualization guide:
> "
> (2) http://opennebula.org/documentation:archives:rel3.0:cong
> Using Virtual Network Leases within a Virtual Machine
>
> (3)
> http://serverfault.com/questions/331145/bridging-virtual-networking-into-real-lan-on-a-opennebula-cluster
> OpenNebula, by design, doesn't actually manage IP addresses even though
> it maintains a pool of them and "leases" them out. What it's really
> doing is assigning a MAC address to the virtual ethernet interface that
> has the desired IP address encoded in the last 4 bytes of the MAC
> address, and it's up to the OS to recognize that and assign an IP
> appropriately.
>
>
>
> On Wed, Dec 18, 2013 at 10:38 PM, Alexander Sibetheros <
> alexsibeth at gmail.com> wrote:
>
>> But that is exactly the problem. I can access the vm via vnc(from
>> sunstone), but get login screen(local host login/password which I don't
>> know). So, I can't check for daemons. I read online that for the images
>> created for kvm/opennebula access is done via ssh(passwordless).
>>
>> Because the image I am using is prebuilt for opennebula, I imagine
>> something is wrong in my controller/node configuration, but do not know
>> where to look.
>>
>>
>>
>> On Wed, Dec 18, 2013 at 10:21 PM, Jens Hoffmann <jens.hoffmann at cuesoft.eu
>> > wrote:
>>
>>> Can you login into your vms via vnc and investigate, i.e. if ssh
>>> daemon is running and if ssh keys are correctly inserted into your
>>> login-user's authorized_keys?
>>>
>>> The ping problem may be a routing problem on your host. Check if the
>>> host has ip_forwarding enabled such that the host forwards packages between
>>> "eth0" and "br0", that is between the bridge and your host's physical nic.
>>> If this does not help, investigate your routing tables and try to track
>>> your ping's package flow with tcpdump.
>>>
>>>
>>>
>>>
>>> Jens
>>> -- gpg --keyserver pgp.mit.edu --recv-keys 0xDB1CAFB5
>>>
>>>
>>> On 12/18/2013 07:52 PM, Alexander Sibetheros wrote:
>>>
>>> I would like to note that when I added tty-linux - kvm from the
>>> marketplace, created a simple template(same as the centOS), and run it, I
>>> was able to login and use the vm. So I know the host works, and my problem
>>> most likely is in the way ssh works from the controller to vm's...
>>>
>>> Also noteworthy, I cannot ping the vm's from the controller...only
>>> from the host. Im not sure this is correct or not.
>>>
>>>
>>>
>>> On Wed, Dec 18, 2013 at 4:48 PM, Alexander Sibetheros <
>>> alexsibeth at gmail.com> wrote:
>>>
>>>> I am following this tutorial, as closely as possible:
>>>> http://www.opennebula.org/documentation:rel4.4:qs_ubuntu_kvm
>>>>
>>>> TEMPLATE 0
>>>> INFORMATION
>>>> ID : 0
>>>> NAME : CentOS-6.4
>>>> USER : oneadmin
>>>> GROUP : oneadmin
>>>> REGISTER TIME : 12/16 13:44:54
>>>>
>>>> PERMISSIONS
>>>>
>>>> OWNER : um-
>>>> GROUP : ---
>>>> OTHER : ---
>>>>
>>>> TEMPLATE
>>>> CONTENTS
>>>> CONTEXT=[
>>>> SSH_PUBLIC_KEY="$USER[SSH_PUBLIC_KEY]" ]
>>>> CPU="1.0"
>>>> DISK=[
>>>> IMAGE="CentOS-6.4_x86_64" ]
>>>> GRAPHICS=[
>>>> LISTEN="0.0.0.0",
>>>> TYPE="vnc" ]
>>>> MEMORY="512"
>>>> NIC=[
>>>> NETWORK="private" ]
>>>> OS=[
>>>> ARCH="x86_64" ]
>>>> VCPU="1"
>>>>
>>>>
>>>>
>>>> On Wed, Dec 18, 2013 at 4:35 PM, Carlos Martín Sánchez <
>>>> cmartin at opennebula.org> wrote:
>>>>
>>>>> Hi Alexander,
>>>>>
>>>>> On Wed, Dec 18, 2013 at 3:28 PM, Alexander Sibetheros <
>>>>> alexsibeth at gmail.com> wrote:
>>>>>
>>>>> I'll give the docs you sent a look but my configurations where the
>>>>>> default in the tutorial:
>>>>>>
>>>>>> $ oneimage create --name "CentOS-6.4_x86_64" \
>>>>>> --path "http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2" \
>>>>>> --driver qcow2 \
>>>>>> --datastore default
>>>>>>
>>>>>> $ onetemplate create --name "CentOS-6.4" --cpu 1 --vcpu 1 --memory 512 \
>>>>>> --arch x86_64 --disk "CentOS-6.4_x86_64" --nic "private" --vnc \
>>>>>> --ssh
>>>>>>
>>>>>>
>>>>>> Before creating the vm I added the ssh parameters to the user:
>>>>>>
>>>>>> """$ EDITOR=vi oneuser update oneadmin
>>>>>> Add a new line like the following to the template:
>>>>>> SSH_PUBLIC_KEY="ssh-dss AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
>>>>>> Substitute the value above with the output of cat ~/.ssh/id_dsa.pub."""
>>>>>>
>>>>>> $ onetemplate instantiate "CentOS-6.4" --name "My Scratch VM"
>>>>>>
>>>>>>
>>>>> Which tutorial are you following?
>>>>> And could you paste the output of onetemplate show <id>?
>>>>>
>>>>> Regards
>>>>> --
>>>>> Carlos Martín, MSc
>>>>> Project Engineer
>>>>> OpenNebula - Flexible Enterprise Cloud Made Simple
>>>>> www.OpenNebula.org | cmartin at opennebula.org | @OpenNebula<http://twitter.com/opennebula>
>>>>>
>>>>>
>>>>> On Wed, Dec 18, 2013 at 3:28 PM, Alexander Sibetheros <
>>>>> alexsibeth at gmail.com> wrote:
>>>>>
>>>>>> I'll give the docs you sent a look but my configurations where the
>>>>>> default in the tutorial:
>>>>>>
>>>>>> $ oneimage create --name "CentOS-6.4_x86_64" \
>>>>>> --path "http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2" \
>>>>>> --driver qcow2 \
>>>>>> --datastore default
>>>>>>
>>>>>> $ onetemplate create --name "CentOS-6.4" --cpu 1 --vcpu 1 --memory 512 \
>>>>>> --arch x86_64 --disk "CentOS-6.4_x86_64" --nic "private" --vnc \
>>>>>> --ssh
>>>>>>
>>>>>>
>>>>>> Before creating the vm I added the ssh parameters to the user:
>>>>>>
>>>>>> """$ EDITOR=vi oneuser update oneadmin
>>>>>> Add a new line like the following to the template:
>>>>>> SSH_PUBLIC_KEY="ssh-dss AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
>>>>>> Substitute the value above with the output of cat ~/.ssh/id_dsa.pub."""
>>>>>>
>>>>>> $ onetemplate instantiate "CentOS-6.4" --name "My Scratch VM"
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Wed, Dec 18, 2013 at 2:05 PM, Carlos Martín Sánchez <
>>>>>> cmartin at opennebula.org> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> On Wed, Dec 18, 2013 at 12:03 PM, Alexander Sibetheros <
>>>>>>> alexsibeth at gmail.com> wrote:
>>>>>>>
>>>>>>>> I checked the marketplace.. all vms for xen/vmware bases have
>>>>>>>> default username/passwords.
>>>>>>>> KVM on the otherhand writes: Add `SSH_PUBLIC_KEY` to
>>>>>>>> contextualization to set root credentials.
>>>>>>>>
>>>>>>>
>>>>>>> I assume you are using this image from the marketplace:
>>>>>>>
>>>>>>> http://docs.opennebula.org/stable/administration/references/schg.html#configuration
>>>>>>>
>>>>>>> Maybe the problem is a wrong syntax in the VM template. Can you
>>>>>>> paste its contents?
>>>>>>> It should follow the syntax described here:
>>>>>>>
>>>>>>> http://docs.opennebula.org/stable/user/references/template.html?highlight=context#context-section
>>>>>>>
>>>>>>> You can read more about the contextualization mechanism here:
>>>>>>>
>>>>>>> http://docs.opennebula.org/stable/user/virtual_machine_setup/context_overview.html
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>> --
>>>>>>> Carlos Martín, MSc
>>>>>>> Project Engineer
>>>>>>> OpenNebula - Flexible Enterprise Cloud Made Simple
>>>>>>> www.OpenNebula.org | cmartin at opennebula.org | @OpenNebula<http://twitter.com/opennebula>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Dec 18, 2013 at 12:03 PM, Alexander Sibetheros <
>>>>>>> alexsibeth at gmail.com> wrote:
>>>>>>>
>>>>>>>> Unfortunately no..
>>>>>>>> I checked the marketplace.. all vms for xen/vmware bases have
>>>>>>>> default username/passwords.
>>>>>>>> KVM on the otherhand writes: Add `SSH_PUBLIC_KEY` to
>>>>>>>> contextualization to set root credentials.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, Dec 18, 2013 at 12:47 PM, Jens Hoffmann <
>>>>>>>> jens.hoffmann at cuesoft.eu> wrote:
>>>>>>>>
>>>>>>>>> Does this link provide correct credentials for your image:
>>>>>>>>>
>>>>>>>>> http://opennebula.org/cloud:sandbox:kvm#what_are_the_users_and_the_passwords
>>>>>>>>> ?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Jens
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> gpg --keyserver pgp.mit.edu --recv-keys 0xDB1CAFB5
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 12/18/2013 11:31 AM, Alexander Sibetheros wrote:
>>>>>>>>> > I recently set up a simple 2 node opennebula(ubuntu/kvm) (using
>>>>>>>>> vmware
>>>>>>>>> > vm's), following the tutorial.
>>>>>>>>> >
>>>>>>>>> > I got a centOS vm to run, but cannot log in.
>>>>>>>>> > I read on other sites that login in is done via ssh and not vnc,
>>>>>>>>> but
>>>>>>>>> > whenever I ssh root at ..vm_ip... I get prompted for password
>>>>>>>>> which I
>>>>>>>>> > dont have.
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> > I followed this step from the tutorial(before running I ran
>>>>>>>>> ssh-keygen
>>>>>>>>> > -t dsa, because the id_dsa.pub file did not exist):
>>>>>>>>> >
>>>>>>>>> > """In order to dynamically add ssh keys to Virtual Machines we
>>>>>>>>> must
>>>>>>>>> > add our ssh key to the user template, by editing the user
>>>>>>>>> template:
>>>>>>>>> >
>>>>>>>>> > $ EDITOR=vi oneuser update oneadmin
>>>>>>>>> >
>>>>>>>>> > Add a new line like the following to the template:
>>>>>>>>> >
>>>>>>>>> > SSH_PUBLIC_KEY="ssh-dss AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
>>>>>>>>> >
>>>>>>>>> > Substitute the value above with the output of |cat
>>>>>>>>> ~/.ssh/id_dsa.pub|."""
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> > --
>>>>>>>>> > Alexander Sibetheros
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> > _______________________________________________
>>>>>>>>> > Users mailing list
>>>>>>>>> > Users at lists.opennebula.org
>>>>>>>>> > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Users mailing list
>>>>>>>>> Users at lists.opennebula.org
>>>>>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Alexander Sibetheros
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Users mailing list
>>>>>>>> Users at lists.opennebula.org
>>>>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Alexander Sibetheros
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Alexander Sibetheros
>>>>
>>>
>>>
>>>
>>> --
>>> Alexander Sibetheros
>>> Student at University of Athens,
>>> Department of Informatics and Telecommunications
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Alexander Sibetheros
>> Student at University of Athens,
>> Department of Informatics and Telecommunications
>>
>
>
>
> --
> Alexander Sibetheros
> Student at University of Athens,
> Department of Informatics and Telecommunications
>
>
>
> --
> gpg --keyserver pgp.mit.edu --recv-keys 0xDB1CAFB5
>
>
--
Alexander Sibetheros
Student at University of Athens,
Department of Informatics and Telecommunications
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20131220/49120983/attachment-0002.htm>
More information about the Users
mailing list