[one-users] virtual network cannot get out
Valentin Bud
valentin.bud at gmail.com
Tue May 13 00:01:47 PDT 2014
Hello Neil,
Please see in line for answer and additional question that would help us
to nail down the problem.
On Mon, May 12, 2014 at 9:42 PM, Neil Schneider <neil at ifxonline.com> wrote:
> More data points.
>
> I ran tcpdump on the host through the entire instantiation of a host and
> boot up. Although somehow it appeared to get an address from the DHCP
> server in the network, I saw no dhcp data. I could see arp conversations
> for other hosts on the network, so I would expect it to see everything, if
> it passed out of the host interface. The only outside connection through
> the bridge should be through em1 on the host.
>
> tcpdump -nnvvXXSs 1514 -w cloud1.pcap
>
I think the above would listen and capture packets on the first Ethernet
interface
*only*. I have tested it on my PC, a Debian Wheezy machine with 2 Ethernet
cards
and that's what it does. I don't know what OS are you using so your mileage
may vary.
>
> I used wireshark to look through the file, but did not see any DHCP
> conversation, in fact I saw no network traffic whatsoever from the virtual
> host. I'm beginning to think either I have the virtual network
> misconfigured or opennebula is doing something different than I expect.
>
See my comment above about tcpdump. What bridge do you expect your
VM to connect to? Pass -i <bridge-name> to tcpdump and recheck.
>
> onevnet list
> ID USER GROUP NAME CLUSTER TYPE BRIDGE
> LEASES
> 0 oneadmin oneadmin management ifx-produc R manageme
> 0
> 1 oneadmin oneadmin storage ifx-produc R storage
> 0
> 6 oneadmin oneadmin public ifx-produc R public
> 0
>
> onevnet show 0
> VIRTUAL NETWORK 0 INFORMATION
> ID : 0
> NAME : management
> USER : oneadmin
> GROUP : oneadmin
> CLUSTER : ifx-production
> TYPE : RANGED
> BRIDGE : management
> VLAN : Yes
> VLAN ID : 10
> USED LEASES : 0
>
> PERMISSIONS
> OWNER : uma
> GROUP : uma
> OTHER : u--
>
> VIRTUAL NETWORK TEMPLATE
> NETWORK_ADDRESS="10.1.4.0"
> NETWORK_MASK="255.255.255.0"
>
> RANGE
> IP_START : 10.1.4.30
> IP_END : 10.1.4.40
>
> VIRTUAL MACHINES
>
> onevnet show 1
> VIRTUAL NETWORK 1 INFORMATION
> ID : 1
> NAME : storage
> USER : oneadmin
> GROUP : oneadmin
> CLUSTER : ifx-production
> TYPE : RANGED
> BRIDGE : storage
> VLAN : Yes
> VLAN ID : 20
> USED LEASES : 0
>
> PERMISSIONS
> OWNER : uma
> GROUP : uma
> OTHER : u--
>
> VIRTUAL NETWORK TEMPLATE
> NETWORK_ADDRESS="10.1.2.0"
> NETWORK_MASK="255.255.255.0"
>
> RANGE
> IP_START : 10.1.2.30
> IP_END : 10.1.2.40
>
> VIRTUAL MACHINES
>
> onevnet show 6
> VIRTUAL NETWORK 6 INFORMATION
> ID : 6
> NAME : public
> USER : oneadmin
> GROUP : oneadmin
> CLUSTER : ifx-production
> TYPE : RANGED
> BRIDGE : public
> VLAN : No
> USED LEASES : 0
>
> PERMISSIONS
> OWNER : uma
> GROUP : um-
> OTHER : u--
>
> VIRTUAL NETWORK TEMPLATE
> DNS="172.16.168.1"
> GATEWAY="172.16.168.1"
> NETWORK_ADDRESS="172.16.168.0"
> NETWORK_MASK="255.255.255.0"
>
> RANGE
> IP_START : 172.16.168.30
> IP_END : 172.16.168.49
>
> VIRTUAL MACHINES
>
As I can see on the above onevnet output none of your virtual network have
a VM connected to it. It should appear under VIRTUAL MACHINES section in
one of your vnets. Have you skipped that output or wasn't any VM running at
the time you've printed the output.
A couple of more question regarding your setup follow.
1. Have you created the host on which you want to deploy VMs using onehost
create
with the proper network driver, ovswitch or ovswitch_brcompat. It could
help the output
of onehost list and onehost show <id>.
2. Do you want/need to use DHCP in the VM? How are you going to keep in
sync the
MAC - IP pair from OpenNebula with the one from your DHCP server?
3. What OS are you running in the hosts, what about the VM?
4. What are the logs of the VM, on the frontend, saying? You can find them
at /var/log/one/<VMID>.log.
5. What are the Open vSwitch logs saying on the hosts your VM get deployed
onto?
After answering this question maybe I or others can help you further.
Best,
Valentin
>
> On Wed, May 7, 2014 2:26 am, Leszek Master wrote:
> > Do you see any traffic from VM using tcpdump on em1?
> >
> >
> > 2014-05-07 1:21 GMT+02:00 Neil Schneider <neil at ifxonline.com>:
> >
> >> I've been trying to work through this problem for two days and haven't
> >> found the solution. I'm using opennebula to create virtual networks
> >> using
> >> openvswitch.
> >>
> >> [root at cloud1 ~]# ovs-vsctl show
> >> c6def17d-2cc6-499e-a461-af4fe9aab78a
> >> Bridge management
> >> Port management
> >> Interface management
> >> type: internal
> >> Port "vlan10"
> >> tag: 10
> >> Interface "vlan10"
> >> type: internal
> >> Bridge public
> >> Port "em1"
> >> Interface "em1"
> >> Port "vnet0"
> >> Interface "vnet0"
> >> Port public
> >> Interface public
> >> type: internal
> >> Bridge storage
> >> Port storage
> >> Interface storage
> >> type: internal
> >> Port "vlan20"
> >> tag: 20
> >> Interface "vlan20"
> >> type: internal
> >> ovs_version: "2.1.0"
> >>
> >> From the opennebula server I can see this.
> >>
> >> onevnet list
> >> ID USER GROUP NAME CLUSTER TYPE BRIDGE
> >> LEASES
> >> 0 oneadmin oneadmin management ifx-produc R
> >> manageme
> >> 0
> >> 1 oneadmin oneadmin storage ifx-produc R storage
> >> 0
> >> 6 oneadmin oneadmin public ifx-produc R public
> >> 1
> >>
> >> I've followed the instruction for configuring the hosting server so that
> >> oneadmin has rights to access /var/lib/one on the hosting server as well
> >> as sudo access to the scripts needed to create networks.
> >>
> >>
> >> I have all the changes recommended to allow oneadmin to execute commands
> >> through ssh to cloud1 the hosting server.
> >>
> >> oneadmin ALL=(ALL) NOPASSWD: /usr/sbin/tgtadm, /sbin/lvcreate,
> >> /sbin/lvremove, /bin/dd, /usr/bin/ovs-vsctl, /usr/bin/ovs-ofctl,
> >> /usr/bin/ovs-dpctl, /sbin/iptables, /sbin/ebtables
> >>
> >> I can instantiate hosts from templates and everything works as expected.
> >> When I bring up a virtual host, it gets an IP from the dhcp server
> >> running
> >> in the network. Not from the virtual network. Sorry, I can't cut and
> >> paste
> >> that part, since the only way I can access the virtual machine is
> >> through
> >> either VNC in sunstone or with virt-manager.
> >>
> >> I have another server running ovswitch that works fine. The main
> >> difference is that I used virt-manager to create the hosts, instead of
> >> opennebula. Those five virtual servers connect fine.
> >>
> >> [root at cloud2 ~]# ovs-vsctl show
> >> aa56747f-d5a2-41b0-a998-48add3c62562
> >> Bridge public
> >> Port "vnet4"
> >> Interface "vnet4"
> >> Port "vnet0"
> >> Interface "vnet0"
> >> Port "vnet3"
> >> Interface "vnet3"
> >> Port public
> >> Interface public
> >> type: internal
> >> Port "em1"
> >> Interface "em1"
> >> Port "vnet1"
> >> Interface "vnet1"
> >> Port "vnet2"
> >> Interface "vnet2"
> >> ovs_version: "2.1.0"
> >>
> >>
> >> On cloud1 after the host gets it's IP address from the dhcp server
> >> running
> >> in our network, it can no longer connect to anything. I've checked
> >> iptables rules, flushed them for testing, just to make sure. Everything
> >> seems right, but the network isn't working.
> >>
> >> Sure would like to buy a clue. I've been searching the web for an answer
> >> or an idea what to do to diagnose it. I suspect what's happening is that
> >> opennebula/sunstone is not creating the interface properly. As I
> >> understand the ip should be assigned to the bridge, not the virtual
> >> interface.
> >>
> >> Sure could use some help. Even a pointer to a web site with the right
> >> answer would be appreciated. I haven't been able to find it myself.
> >>
> >> Sorry for cross posting, but I couldn't decide which list to post to, so
> >> I
> >> did both.
> >>
> >> --
> >> Neil Schneider pacneil_at_linuxgeek_dot_net
> >>
> >> This is your life. Do what you love, and do it often. If you don’t
> >> like
> >> something, change it. If you don’t like your job, quit. If you don’t
> >> have
> >> enough time, stop watching TV. If you are looking for the love of your
> >> life, stop; they will be waiting for you when you start doing things you
> >> love.â€
> >>
> >> _______________________________________________
> >> Users mailing list
> >> Users at lists.opennebula.org
> >> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
> >>
> >
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
--
Valentin Bud
http://databus.pro | valentin at databus.pro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20140513/9d4d6d5f/attachment-0001.htm>
More information about the Users
mailing list