[one-users] Problem Login/ssh into vm

Jens Hoffmann jens.hoffmann at cuesoft.eu
Fri Dec 20 09:29:26 PST 2013


That "vmhost" ist setup with vmware containing "controller" and "nebula
host"? If so, perhaps you need to tell vmware to route between its vms?
I don't know vmware, but it might be that vmware won't do this setup by
default?


Does the routing table on the "vmhost" look as expected?



Jens

-- 
gpg --keyserver pgp.mit.edu --recv-keys 0xDB1CAFB5





On 12/20/2013 04:41 PM, Alexander Sibetheros wrote:
> I tried everything you suggested but nothing seems to work.
> The vmhost talks with its vm via virbr0 and the other way around(via
> ping), BUT when I run tcpdump -i virbr0 host 192.168.0.32(The vm) and
> ping from the vm to the controller, I get:
>
> 07:28:29.310158 ARP, Request who-has 192.168.0.20 tell 192.168.0.32,
> length 28
>
> If I ping google I get
> 07:28:29.310158 ARP, Request who-has 192.168.0.1 tell 192.168.0.32,
> length 28
>
> So It cant see my network..
>
> When I try from the controller to ping the vm I get:
> 7:36:50.675465 ARP, Request who-has 192.168.0.32 tell 192.168.0.20,
> length 46
> 07:36:50.679493 ARP, Reply 192.168.0.32 is-at 02:00:c0:a8:00:20 (oui
> Unknown), length 28
>
> I have enabled ip_forward with no difference.
>
> I also tried disabling the uwf, but didn't help.
>
> I am certain the problem exists in the vmhost, kvm is doing something
> wicked...
>
> Also, when I run a vm, a vnet0 is created on the vmhost, if I disable
> this then I can no longer ping vmhost <-->vm. But when I tcpdump the
> vnet0 its empty...
>
> Any other ideas I can try?
>
>
>
>
> On Thu, Dec 19, 2013 at 2:12 AM, Jens Hoffmann
> <jens.hoffmann at cuesoft.eu <mailto:jens.hoffmann at cuesoft.eu>> wrote:
>
>     Clearly a routing problem. Your controller won't know how to route
>     packages that are addressed to your vm instance. Start to use
>     tcpdump -i <interface> in companion with ping on all the involved
>     interfaces to actually see where the packages go (and where not).
>     Read and understand your controllers routing table. You will
>     probably find out that you need to add a route to the controller's
>     routing table (probably with route add -net <host bridge ip>
>     netmask <host bridge netmask> gw <host ip>). Then see how packages
>     arrive at the host. If packages still don't arrive at the bridge,
>     tell your hosts network stack to forward packages between its
>     interfaces, i.e. with echo 1 > /proc/sys/net/ipv4/ip_forward (in
>     debian; that setting will disappear after a reboot; make it
>     persistent in /etc/sysctl.conf).
>
>
>     Good luck!
>
>
>
>     Jens
>
>     -- 
>     gpg --keyserver pgp.mit.edu <http://pgp.mit.edu> --recv-keys 0xDB1CAFB5
>
>
>
>     On 12/18/2013 11:23 PM, Alexander Sibetheros wrote:
>>     I'm am writing again to clarify I fixed the 1st problem.
>>     I was trying to ssh from the root at node instead of
>>     oneadmin at node(which I never used before). I can successfully ssh,
>>     change root password :) Thank you very much for your ideas.
>>
>>     I am not able to do such from oneadmin at controller
>>     though(controller->vm, instead of host->vm). Ssh and ping both
>>     fail and I don't understand how tcpdump works.
>>     I did find that there is a problem with the way opennebula works
>>     with ip/mac address of vm's and that a special script is needed
>>     to correctly map them, but I don't really understand what is
>>     going on.
>>
>>     Specifically I found:
>>     (1)
>>     http://lists.opennebula.org/pipermail/users-opennebula.org/2011-December/007042.html
>>
>>     "Using the CONTEXT cdrom, the init.sh script in executed at boot
>>     time. You
>>     can modify the init.sh script to set your broadcast address and
>>     netmask.
>>     You can hardcode these values, or pass them as a CONTEXT
>>     sub-attribute;
>>     take a look at the DNS example from the contextualization guide:
>>     "
>>     (2) http://opennebula.org/documentation:archives:rel3.0:cong
>>     Using Virtual Network Leases within a Virtual Machine
>>
>>     (3)http://serverfault.com/questions/331145/bridging-virtual-networking-into-real-lan-on-a-opennebula-cluster
>>     OpenNebula, by design, doesn't actually manage IP addresses even
>>     though
>>     it maintains a pool of them and "leases" them out. What it's really
>>     doing is assigning a MAC address to the virtual ethernet
>>     interface that
>>     has the desired IP address encoded in the last 4 bytes of the MAC
>>     address, and it's up to the OS to recognize that and assign an IP
>>     appropriately.
>>
>>
>>
>>     On Wed, Dec 18, 2013 at 10:38 PM, Alexander Sibetheros
>>     <alexsibeth at gmail.com <mailto:alexsibeth at gmail.com>> wrote:
>>
>>         But that is exactly the problem. I can access the vm via
>>         vnc(from sunstone), but get login screen(local host
>>         login/password which I don't know). So, I can't check for
>>         daemons. I read online that for the images created for
>>         kvm/opennebula access is done via ssh(passwordless).
>>
>>         Because the image I am using is prebuilt for opennebula, I
>>         imagine something is wrong in my controller/node
>>         configuration, but do not know where to look.
>>
>>
>>
>>         On Wed, Dec 18, 2013 at 10:21 PM, Jens Hoffmann
>>         <jens.hoffmann at cuesoft.eu <mailto:jens.hoffmann at cuesoft.eu>>
>>         wrote:
>>
>>             Can you login into your vms via vnc and investigate, i.e.
>>             if ssh daemon is running and if ssh keys are correctly
>>             inserted into your login-user's authorized_keys?
>>
>>             The ping problem  may be a routing problem on your host.
>>             Check if the host has ip_forwarding enabled such that the
>>             host forwards packages between "eth0" and "br0", that is
>>             between the bridge and your host's physical nic. If this
>>             does not help, investigate your routing tables and try to
>>             track your ping's package flow with tcpdump.
>>
>>
>>
>>
>>             Jens
>>             -- gpg --keyserver pgp.mit.edu <http://pgp.mit.edu>
>>             --recv-keys 0xDB1CAFB5
>>
>>
>>             On 12/18/2013 07:52 PM, Alexander Sibetheros wrote:
>>>             I would like to note that when I added tty-linux - kvm
>>>             from the marketplace, created a simple template(same as
>>>             the centOS), and run it, I was able to login and use the
>>>             vm. So I know the host works, and my problem most likely
>>>             is in the way ssh works from the controller to vm's...
>>>
>>>             Also noteworthy, I cannot ping the vm's from the
>>>             controller...only from the host. Im not sure this is
>>>             correct or not.
>>>              
>>>
>>>
>>>             On Wed, Dec 18, 2013 at 4:48 PM, Alexander Sibetheros
>>>             <alexsibeth at gmail.com <mailto:alexsibeth at gmail.com>> wrote:
>>>
>>>                 I am following this tutorial, as closely as
>>>                 possible:
>>>                 http://www.opennebula.org/documentation:rel4.4:qs_ubuntu_kvm
>>>
>>>                 TEMPLATE 0
>>>                 INFORMATION                                                         
>>>
>>>                 ID             : 0                  
>>>                 NAME           : CentOS-6.4         
>>>                 USER           : oneadmin           
>>>                 GROUP          : oneadmin           
>>>                 REGISTER TIME  : 12/16 13:44:54     
>>>
>>>                 PERMISSIONS                                                                    
>>>
>>>                 OWNER          : um-                
>>>                 GROUP          : ---                
>>>                 OTHER          : ---                
>>>
>>>                 TEMPLATE
>>>                 CONTENTS                                                              
>>>
>>>                 CONTEXT=[
>>>                   SSH_PUBLIC_KEY="$USER[SSH_PUBLIC_KEY]" ]
>>>                 CPU="1.0"
>>>                 DISK=[
>>>                   IMAGE="CentOS-6.4_x86_64" ]
>>>                 GRAPHICS=[
>>>                   LISTEN="0.0.0.0",
>>>                   TYPE="vnc" ]
>>>                 MEMORY="512"
>>>                 NIC=[
>>>                   NETWORK="private" ]
>>>                 OS=[
>>>                   ARCH="x86_64" ]
>>>                 VCPU="1"
>>>
>>>
>>>
>>>                 On Wed, Dec 18, 2013 at 4:35 PM, Carlos Martín
>>>                 Sánchez <cmartin at opennebula.org
>>>                 <mailto:cmartin at opennebula.org>> wrote:
>>>
>>>                     Hi Alexander,
>>>
>>>                     On Wed, Dec 18, 2013 at 3:28 PM, Alexander
>>>                     Sibetheros <alexsibeth at gmail.com
>>>                     <mailto:alexsibeth at gmail.com>> wrote:
>>>
>>>                         I'll give the docs you sent a look but my
>>>                         configurations where the default in the
>>>                         tutorial:
>>>
>>>                         $ oneimage create --name "CentOS-6.4_x86_64" \
>>>                             --path "http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2" \
>>>                             --driver qcow2 \
>>>                             --datastore default
>>>
>>>                         $ onetemplate create --name "CentOS-6.4" --cpu 1 --vcpu 1 --memory 512 \
>>>                             --arch x86_64 --disk "CentOS-6.4_x86_64" --nic "private" --vnc \
>>>                             --ssh
>>>
>>>                         Before creating the vm I added the ssh parameters to the user:
>>>                         """$ EDITOR=vi oneuser update oneadmin Add a
>>>                         new line like the following to the template:
>>>                         SSH_PUBLIC_KEY="ssh-dss
>>>                         AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
>>>                         Substitute the value above with the output
>>>                         of cat ~/.ssh/id_dsa.pub."""
>>>
>>>                         $ onetemplate instantiate "CentOS-6.4" --name "My Scratch VM"
>>>
>>>
>>>                     Which tutorial are you following?
>>>                     And could you paste the output of onetemplate
>>>                     show <id>?
>>>
>>>                     Regards
>>>                     --
>>>                     Carlos Martín, MSc
>>>                     Project Engineer
>>>                     OpenNebula - Flexible Enterprise Cloud Made Simple
>>>                     www.OpenNebula.org <http://www.OpenNebula.org> |
>>>                     cmartin at opennebula.org
>>>                     <mailto:cmartin at opennebula.org> | @OpenNebula
>>>                     <http://twitter.com/opennebula>
>>>
>>>
>>>                     On Wed, Dec 18, 2013 at 3:28 PM, Alexander
>>>                     Sibetheros <alexsibeth at gmail.com
>>>                     <mailto:alexsibeth at gmail.com>> wrote:
>>>
>>>                         I'll give the docs you sent a look but my
>>>                         configurations where the default in the
>>>                         tutorial:
>>>
>>>                         $ oneimage create --name "CentOS-6.4_x86_64" \
>>>                             --path "http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2" \
>>>                             --driver qcow2 \
>>>                             --datastore default
>>>
>>>                         $ onetemplate create --name "CentOS-6.4" --cpu 1 --vcpu 1 --memory 512 \
>>>                             --arch x86_64 --disk "CentOS-6.4_x86_64" --nic "private" --vnc \
>>>                             --ssh
>>>
>>>                         Before creating the vm I added the ssh parameters to the user:
>>>                         """$ EDITOR=vi oneuser update oneadmin Add a
>>>                         new line like the following to the template:
>>>                         SSH_PUBLIC_KEY="ssh-dss
>>>                         AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
>>>                         Substitute the value above with the output
>>>                         of cat ~/.ssh/id_dsa.pub."""
>>>
>>>                         $ onetemplate instantiate "CentOS-6.4" --name "My Scratch VM"
>>>
>>>
>>>
>>>
>>>                         On Wed, Dec 18, 2013 at 2:05 PM, Carlos
>>>                         Martín Sánchez <cmartin at opennebula.org
>>>                         <mailto:cmartin at opennebula.org>> wrote:
>>>
>>>                             Hi,
>>>
>>>                             On Wed, Dec 18, 2013 at 12:03 PM,
>>>                             Alexander
>>>                             Sibetheros <alexsibeth at gmail.com
>>>                             <mailto:alexsibeth at gmail.com>> wrote:
>>>
>>>                                 I checked the marketplace.. all vms
>>>                                 for xen/vmware bases have default
>>>                                 username/passwords.
>>>                                 KVM on the otherhand writes: Add
>>>                                 `SSH_PUBLIC_KEY` to
>>>                                 contextualization to set root
>>>                                 credentials. 
>>>
>>>
>>>                             I assume you are using this image from
>>>                             the marketplace:
>>>                             http://docs.opennebula.org/stable/administration/references/schg.html#configuration
>>>
>>>                             Maybe the problem is a wrong syntax in
>>>                             the VM template. Can you paste its contents?
>>>                             It should follow the syntax described here:
>>>                             http://docs.opennebula.org/stable/user/references/template.html?highlight=context#context-section
>>>
>>>                             You can read more about the
>>>                             contextualization mechanism here:
>>>                             http://docs.opennebula.org/stable/user/virtual_machine_setup/context_overview.html
>>>
>>>                             Regards
>>>
>>>                             --
>>>                             Carlos Martín, MSc
>>>                             Project Engineer
>>>                             OpenNebula - Flexible Enterprise Cloud
>>>                             Made Simple
>>>                             www.OpenNebula.org
>>>                             <http://www.OpenNebula.org> |
>>>                             cmartin at opennebula.org
>>>                             <mailto:cmartin at opennebula.org> |
>>>                             @OpenNebula <http://twitter.com/opennebula>
>>>
>>>
>>>                             On Wed, Dec 18, 2013 at 12:03 PM,
>>>                             Alexander Sibetheros
>>>                             <alexsibeth at gmail.com
>>>                             <mailto:alexsibeth at gmail.com>> wrote:
>>>
>>>                                 Unfortunately no..
>>>                                 I checked the marketplace.. all vms
>>>                                 for xen/vmware bases have default
>>>                                 username/passwords.
>>>                                 KVM on the otherhand writes: Add
>>>                                 `SSH_PUBLIC_KEY` to
>>>                                 contextualization to set root
>>>                                 credentials.
>>>
>>>
>>>
>>>
>>>                                 On Wed, Dec 18, 2013 at 12:47 PM,
>>>                                 Jens Hoffmann
>>>                                 <jens.hoffmann at cuesoft.eu
>>>                                 <mailto:jens.hoffmann at cuesoft.eu>>
>>>                                 wrote:
>>>
>>>                                     Does this link provide correct
>>>                                     credentials for your image:
>>>                                     http://opennebula.org/cloud:sandbox:kvm#what_are_the_users_and_the_passwords?
>>>
>>>
>>>                                     Jens
>>>
>>>                                     --
>>>                                     gpg --keyserver pgp.mit.edu
>>>                                     <http://pgp.mit.edu> --recv-keys
>>>                                     0xDB1CAFB5
>>>
>>>
>>>
>>>
>>>                                     On 12/18/2013 11:31 AM,
>>>                                     Alexander Sibetheros wrote:
>>>                                     > I recently set up a simple 2
>>>                                     node opennebula(ubuntu/kvm)
>>>                                     (using vmware
>>>                                     > vm's), following the tutorial.
>>>                                     >
>>>                                     > I got a centOS vm to run, but
>>>                                     cannot log in.
>>>                                     > I read on other sites that
>>>                                     login in is done via ssh and not
>>>                                     vnc, but
>>>                                     > whenever I ssh root at ..vm_ip
>>>                                     <mailto:root at ..vm_ip>... I get
>>>                                     prompted for password which I
>>>                                     > dont have.
>>>                                     >
>>>                                     >
>>>                                     > I followed this step from the
>>>                                     tutorial(before running I ran
>>>                                     ssh-keygen
>>>                                     > -t dsa, because the id_dsa.pub
>>>                                     file did not exist):
>>>                                     >
>>>                                     > """In order to dynamically add
>>>                                     ssh keys to Virtual Machines we must
>>>                                     > add our ssh key to the user
>>>                                     template, by editing the user
>>>                                     template:
>>>                                     >
>>>                                     > $ EDITOR=vi oneuser update
>>>                                     oneadmin
>>>                                     >
>>>                                     > Add a new line like the
>>>                                     following to the template:
>>>                                     >
>>>                                     > SSH_PUBLIC_KEY="ssh-dss
>>>                                     AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
>>>                                     >
>>>                                     > Substitute the value above
>>>                                     with the output of |cat
>>>                                     ~/.ssh/id_dsa.pub|."""
>>>                                     >
>>>                                     >
>>>                                     >
>>>                                     > --
>>>                                     > Alexander Sibetheros
>>>                                     >
>>>                                     >
>>>                                     >
>>>                                     _______________________________________________
>>>                                     > Users mailing list
>>>                                     > Users at lists.opennebula.org
>>>                                     <mailto:Users at lists.opennebula.org>
>>>                                     >
>>>                                     http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>
>>>
>>>                                     _______________________________________________
>>>                                     Users mailing list
>>>                                     Users at lists.opennebula.org
>>>                                     <mailto:Users at lists.opennebula.org>
>>>                                     http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>
>>>
>>>
>>>
>>>                                 -- 
>>>                                 Alexander Sibetheros
>>>
>>>                                 _______________________________________________
>>>                                 Users mailing list
>>>                                 Users at lists.opennebula.org
>>>                                 <mailto:Users at lists.opennebula.org>
>>>                                 http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>
>>>
>>>
>>>
>>>
>>>                         -- 
>>>                         Alexander Sibetheros
>>>
>>>
>>>
>>>
>>>
>>>                 -- 
>>>                 Alexander Sibetheros
>>>
>>>
>>>
>>>
>>>             -- 
>>>             Alexander Sibetheros
>>>             Student at University of Athens,
>>>             Department of Informatics and Telecommunications
>>
>>
>>
>>
>>
>>         -- 
>>         Alexander Sibetheros
>>         Student at University of Athens,
>>         Department of Informatics and Telecommunications
>>
>>
>>
>>
>>     -- 
>>     Alexander Sibetheros
>>     Student at University of Athens,
>>     Department of Informatics and Telecommunications
>
>
>     -- 
>     gpg --keyserver pgp.mit.edu <http://pgp.mit.edu> --recv-keys 0xDB1CAFB5
>
>
>
>
> -- 
> Alexander Sibetheros
> Student at University of Athens,
> Department of Informatics and Telecommunications

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20131220/b7888894/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20131220/b7888894/attachment-0002.pgp>


More information about the Users mailing list