<div dir="ltr"><div><div>I tried everything you suggested but nothing seems to work.<br></div>The vmhost talks with its vm via virbr0 and the other way around(via ping), BUT when I run tcpdump -i virbr0 host 192.168.0.32(The vm) and ping from the vm to the controller, I get:<br>
<br>07:28:29.310158 ARP, Request who-has 192.168.0.20 tell 192.168.0.32, length 28<br><br></div><div>If I ping google I get<br>07:28:29.310158 ARP, Request who-has 192.168.0.1 tell 192.168.0.32, length 28<br><br></div><div>
So It cant see my network..<br><br></div><div>When I try from the controller to ping the vm I get:<br>7:36:50.675465 ARP, Request who-has 192.168.0.32 tell 192.168.0.20, length 46<br>07:36:50.679493 ARP, Reply 192.168.0.32 is-at 02:00:c0:a8:00:20 (oui Unknown), length 28<br>
<br></div><div>I have enabled ip_forward with no difference.<br><br></div><div>I also tried disabling the uwf, but didn't help. <br></div><div><br></div><div>I am certain the problem exists in the vmhost, kvm is doing something wicked... <br>
<br></div><div>Also, when I run a vm, a vnet0 is created on the vmhost, if I disable this then I can no longer ping vmhost <-->vm. But when I tcpdump the vnet0 its empty... <br><br></div><div>Any other ideas I can try?<br>
</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Dec 19, 2013 at 2:12 AM, Jens Hoffmann <span dir="ltr"><<a href="mailto:jens.hoffmann@cuesoft.eu" target="_blank">jens.hoffmann@cuesoft.eu</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Clearly a routing problem. Your
controller won't know how to route packages that are addressed to
your vm instance. Start to use tcpdump -i <interface> in
companion with ping on all the involved interfaces to actually see
where the packages go (and where not). Read and understand your
controllers routing table. You will probably find out that you
need to add a route to the controller's routing table (probably
with route add -net <host bridge ip> netmask <host bridge
netmask> gw <host ip>). Then see how packages arrive at
the host. If packages still don't arrive at the bridge, tell your
hosts network stack to forward packages between its interfaces,
i.e. with echo 1 > /proc/sys/net/ipv4/ip_forward (in debian;
that setting will disappear after a reboot; make it persistent in
/etc/sysctl.conf). <br>
<br>
<br>
Good luck!<div class="im"><br>
<br>
<br>
Jens<br>
<pre cols="72">--
gpg --keyserver <a href="http://pgp.mit.edu" target="_blank">pgp.mit.edu</a> --recv-keys 0xDB1CAFB5</pre>
<br>
<br></div><div><div class="h5">
On 12/18/2013 11:23 PM, Alexander Sibetheros wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>I'm am writing again to clarify I fixed the 1st
problem.<br>
</div>
I was trying to ssh from the root@node instead of
oneadmin@node(which I never used before). I can
successfully ssh, change root password :) Thank you very
much for your ideas.<br>
<br>
I am not able to do such from oneadmin@controller
though(controller->vm, instead of host->vm). Ssh and
ping both fail and I don't understand how tcpdump works.<br>
I did find that there is a problem with the way opennebula
works with ip/mac address of vm's and that a special
script is needed to correctly map them, but I don't really
understand what is going on.<br>
<br>
Specifically I found:<br>
(1) <a href="http://lists.opennebula.org/pipermail/users-opennebula.org/2011-December/007042.html" target="_blank">http://lists.opennebula.org/pipermail/users-opennebula.org/2011-December/007042.html</a><br>
<br>
"Using the CONTEXT cdrom, the init.sh script in executed
at boot time. You<br>
can modify the init.sh script to set your broadcast
address and netmask.<br>
You can hardcode these values, or pass them as a CONTEXT
sub-attribute;<br>
take a look at the DNS example from the contextualization
guide:<br>
"<br>
(2) <a href="http://opennebula.org/documentation:archives:rel3.0:cong" target="_blank">http://opennebula.org/documentation:archives:rel3.0:cong</a><br>
Using Virtual Network Leases within a Virtual Machine<br>
<br>
(3)<a href="http://serverfault.com/questions/331145/bridging-virtual-networking-into-real-lan-on-a-opennebula-cluster" target="_blank">http://serverfault.com/questions/331145/bridging-virtual-networking-into-real-lan-on-a-opennebula-cluster</a><br>
OpenNebula, by design, doesn't actually manage IP
addresses even though <br>
it maintains a pool of them and "leases" them out. What
it's really <br>
doing is assigning a MAC address to the virtual ethernet
interface that <br>
has the desired IP address encoded in the last 4 bytes of
the MAC <br>
address, and it's up to the OS to recognize that and
assign an IP <br>
appropriately.</div>
</div>
</div>
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">
<br>
<br>
</div>
<div class="gmail_extra">
<div class="gmail_quote">On Wed, Dec 18, 2013 at 10:38 PM,
Alexander Sibetheros <span dir="ltr"><<a href="mailto:alexsibeth@gmail.com" target="_blank">alexsibeth@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>But that is exactly the problem. I can access the
vm via vnc(from sunstone), but get login screen(local
host login/password which I don't know). So, I can't
check for daemons. I read online that for the images
created for kvm/opennebula access is done via
ssh(passwordless). <br>
<br>
</div>
Because the image I am using is prebuilt for opennebula,
I imagine something is wrong in my controller/node
configuration, but do not know where to look. <br>
<div><br>
</div>
</div>
<div>
<div>
<div class="gmail_extra">
<br>
<br>
<div class="gmail_quote">On Wed, Dec 18, 2013 at
10:21 PM, Jens Hoffmann <span dir="ltr"><<a href="mailto:jens.hoffmann@cuesoft.eu" target="_blank">jens.hoffmann@cuesoft.eu</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Can you login into your vms via vnc and
investigate, i.e. if ssh daemon is running
and if ssh keys are correctly inserted into
your login-user's authorized_keys?<br>
<br>
The ping problem may be a routing problem
on your host. Check if the host has
ip_forwarding enabled such that the host
forwards packages between "eth0" and "br0",
that is between the bridge and your host's
physical nic. If this does not help,
investigate your routing tables and try to
track your ping's package flow with tcpdump.
<div><br>
<br>
<br>
<br>
Jens<br>
-- gpg --keyserver <a href="http://pgp.mit.edu" target="_blank">pgp.mit.edu</a>
--recv-keys 0xDB1CAFB5 <br>
<br>
<br>
</div>
<div>
<div> On 12/18/2013 07:52 PM, Alexander
Sibetheros wrote:<br>
</div>
</div>
</div>
<div>
<div>
<blockquote type="cite">
<div dir="ltr">
<div>I would like to note that when I
added tty-linux - kvm from the
marketplace, created a simple
template(same as the centOS), and
run it, I was able to login and use
the vm. So I know the host works,
and my problem most likely is in the
way ssh works from the controller to
vm's...<br>
<br>
</div>
<div>Also noteworthy, I cannot ping
the vm's from the controller...only
from the host. Im not sure this is
correct or not.<br>
</div>
<br>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Wed, Dec
18, 2013 at 4:48 PM, Alexander
Sibetheros <span dir="ltr"><<a href="mailto:alexsibeth@gmail.com" target="_blank">alexsibeth@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">I am following this
tutorial, as closely as
possible: <a href="http://www.opennebula.org/documentation:rel4.4:qs_ubuntu_kvm" target="_blank">http://www.opennebula.org/documentation:rel4.4:qs_ubuntu_kvm</a><br>
<br>
TEMPLATE 0
INFORMATION
<br>
ID :
0 <br>
NAME :
CentOS-6.4 <br>
USER :
oneadmin <br>
GROUP :
oneadmin <br>
REGISTER TIME : 12/16
13:44:54 <br>
<br>
PERMISSIONS
<br>
OWNER :
um- <br>
GROUP :
--- <br>
OTHER :
--- <br>
<br>
TEMPLATE
CONTENTS
<br>
CONTEXT=[<br>
SSH_PUBLIC_KEY="$USER[SSH_PUBLIC_KEY]"
]<br>
CPU="1.0"<br>
DISK=[<br>
IMAGE="CentOS-6.4_x86_64" ]<br>
GRAPHICS=[<br>
LISTEN="0.0.0.0",<br>
TYPE="vnc" ]<br>
MEMORY="512"<br>
NIC=[<br>
NETWORK="private" ]<br>
OS=[<br>
ARCH="x86_64" ]<br>
VCPU="1"<br>
<br>
</div>
<div class="gmail_extra">
<div>
<div><br>
<br>
<div class="gmail_quote">On
Wed, Dec 18, 2013 at 4:35
PM, Carlos Martín Sánchez
<span dir="ltr"><<a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div class="gmail_extra">Hi
Alexander,</div>
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">
On Wed, Dec 18, 2013
at 3:28 PM,
Alexander
Sibetheros <span dir="ltr"><<a href="mailto:alexsibeth@gmail.com" target="_blank">alexsibeth@gmail.com</a>></span> wrote:
<div><br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">I'll
give the docs
you sent a
look but my
configurations
where the
default in the
tutorial:<br>
<pre>$ oneimage create --name "CentOS-6.4_x86_64" \
--path "<a href="http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2" target="_blank">http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2</a>" \
--driver qcow2 \
--datastore default
$ onetemplate create --name "CentOS-6.4" --cpu 1 --vcpu 1 --memory 512 \
--arch x86_64 --disk "CentOS-6.4_x86_64" --nic "private" --vnc \
--ssh
</pre>
<pre>Before creating the vm I added the ssh parameters to the user:<div>
"""$ EDITOR=vi oneuser update oneadmin
Add a new line like the following to the template:
SSH_PUBLIC_KEY="ssh-dss AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
Substitute the value above with the output of cat ~/.ssh/id_dsa.pub."""</div></pre>
<pre>$ onetemplate instantiate "CentOS-6.4" --name "My Scratch VM"</pre>
</div>
</blockquote>
</div>
</div>
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">Which
tutorial are you
following?</div>
<div class="gmail_extra">
And could you paste
the output of
onetemplate show
<id>?</div>
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">Regards</div>
<div class="gmail_extra">
<div>
<div>
<div dir="ltr">--<br>
<div>Carlos
Martín, MSc<br>
Project
Engineer</div>
<div>OpenNebula
- Flexible
Enterprise
Cloud Made
Simple<br>
<div><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="http://www.OpenNebula.org" target="_blank">www.OpenNebula.org</a>
| <a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a>
| <a href="http://twitter.com/opennebula" target="_blank">@OpenNebula</a></span><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"></span></div>
</div>
</div>
</div>
<br>
<br>
</div>
<div>
<div>
<div class="gmail_quote">On
Wed, Dec 18,
2013 at 3:28
PM, Alexander
Sibetheros <span dir="ltr"><<a href="mailto:alexsibeth@gmail.com" target="_blank">alexsibeth@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">I'll
give the docs
you sent a
look but my
configurations
where the
default in the
tutorial:<br>
<pre>$ oneimage create --name "CentOS-6.4_x86_64" \
--path "<a href="http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2" target="_blank">http://us.cloud.centos.org/i/one/c6-x86_64-20130910-1.qcow2.bz2</a>" \
--driver qcow2 \
--datastore default
$ onetemplate create --name "CentOS-6.4" --cpu 1 --vcpu 1 --memory 512 \
--arch x86_64 --disk "CentOS-6.4_x86_64" --nic "private" --vnc \
--ssh
</pre>
<pre>Before creating the vm I added the ssh parameters to the user:<div>
"""$ EDITOR=vi oneuser update oneadmin
Add a new line like the following to the template:
SSH_PUBLIC_KEY="ssh-dss AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."
Substitute the value above with the output of cat ~/.ssh/id_dsa.pub."""</div></pre>
<pre>$ onetemplate instantiate "CentOS-6.4" --name "My Scratch VM"
</pre>
<br>
<div class="gmail_extra">
<div>
<div><br>
<br>
<div class="gmail_quote">On
Wed, Dec 18,
2013 at 2:05
PM, Carlos
Martín Sánchez
<span dir="ltr"><<a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">Hi,
<div><br>
</div>
<div>On Wed,
Dec 18, 2013
at 12:03 PM,
Alexander
Sibetheros <span dir="ltr"><<a href="mailto:alexsibeth@gmail.com" target="_blank">alexsibeth@gmail.com</a>></span> wrote:
<div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>I checked
the
marketplace..
all vms for
xen/vmware
bases have
default
username/passwords.<br>
</div>
KVM on the
otherhand
writes: Add
`SSH_PUBLIC_KEY`
to
contextualization
to set root
credentials. </div>
</blockquote>
</div>
</div>
<div><br>
</div>
<div>I assume
you are using
this image
from the
marketplace:</div>
<div><a href="http://docs.opennebula.org/stable/administration/references/schg.html#configuration" target="_blank">http://docs.opennebula.org/stable/administration/references/schg.html#configuration</a><br>
</div>
<div><br>
</div>
<div>Maybe the
problem is a
wrong syntax
in the VM
template. Can
you paste its
contents?</div>
<div>It should
follow the
syntax
described
here:</div>
<div><a href="http://docs.opennebula.org/stable/user/references/template.html?highlight=context#context-section" target="_blank">http://docs.opennebula.org/stable/user/references/template.html?highlight=context#context-section</a><br>
</div>
<div><br>
</div>
<div>You can
read more
about the
contextualization
mechanism
here:</div>
<div><a href="http://docs.opennebula.org/stable/user/virtual_machine_setup/context_overview.html" target="_blank">http://docs.opennebula.org/stable/user/virtual_machine_setup/context_overview.html</a><br>
</div>
<div><br>
</div>
<div>Regards</div>
<div class="gmail_extra"><br clear="all">
<div>
<div dir="ltr">--<br>
<div>Carlos
Martín, MSc<br>
Project
Engineer</div>
<div>OpenNebula
- Flexible
Enterprise
Cloud Made
Simple<br>
<div><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="http://www.OpenNebula.org" target="_blank">www.OpenNebula.org</a>
| <a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a>
| <a href="http://twitter.com/opennebula" target="_blank">@OpenNebula</a></span><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"></span></div>
</div>
</div>
</div>
<div>
<div> <br>
<br>
<div class="gmail_quote">On
Wed, Dec 18,
2013 at 12:03
PM, Alexander
Sibetheros <span dir="ltr"><<a href="mailto:alexsibeth@gmail.com" target="_blank">alexsibeth@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>Unfortunately
no..<br>
I checked the
marketplace..
all vms for
xen/vmware
bases have
default
username/passwords.<br>
</div>
KVM on the
otherhand
writes: Add
`SSH_PUBLIC_KEY`
to
contextualization
to set root
credentials. <br>
</div>
<br>
</div>
<br>
</div>
<div class="gmail_extra">
<div>
<div><br>
<br>
<div class="gmail_quote">On
Wed, Dec 18,
2013 at 12:47
PM, Jens
Hoffmann <span dir="ltr"><<a href="mailto:jens.hoffmann@cuesoft.eu" target="_blank">jens.hoffmann@cuesoft.eu</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Does this link
provide
correct
credentials
for your
image:<br>
<a href="http://opennebula.org/cloud:sandbox:kvm#what_are_the_users_and_the_passwords" target="_blank">http://opennebula.org/cloud:sandbox:kvm#what_are_the_users_and_the_passwords</a>?<br>
<br>
<br>
Jens<br>
<br>
--<br>
gpg
--keyserver <a href="http://pgp.mit.edu" target="_blank">pgp.mit.edu</a>
--recv-keys
0xDB1CAFB5<br>
<div>
<div><br>
<br>
<br>
<br>
On 12/18/2013
11:31 AM,
Alexander
Sibetheros
wrote:<br>
> I
recently set
up a simple 2
node
opennebula(ubuntu/kvm)
(using vmware<br>
> vm's),
following the
tutorial.<br>
><br>
> I got a
centOS vm to
run, but
cannot log in.<br>
> I read on
other sites
that login in
is done via
ssh and not
vnc, but<br>
> whenever
I ssh <a href="mailto:root@..vm_ip" target="_blank">root@..vm_ip</a>... I get
prompted for
password which
I<br>
> dont
have.<br>
><br>
><br>
> I
followed this
step from the
tutorial(before
running I ran
ssh-keygen<br>
> -t dsa,
because the
id_dsa.pub
file did not
exist):<br>
><br>
> """In
order to
dynamically
add ssh keys
to Virtual
Machines we
must<br>
> add our
ssh key to the
user template,
by editing the
user template:<br>
><br>
> $
EDITOR=vi
oneuser update
oneadmin<br>
><br>
> Add a new
line like the
following to
the template:<br>
><br>
>
SSH_PUBLIC_KEY="ssh-dss
AAAAB3NzaC1kc3MAAACBANBWTQmm4Gt..."<br>
><br>
>
Substitute the
value above
with the
output of |cat
~/.ssh/id_dsa.pub|."""<br>
><br>
><br>
><br>
> --<br>
> Alexander
Sibetheros<br>
><br>
><br>
</div>
</div>
>
_______________________________________________<br>
> Users
mailing list<br>
> <a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a><br>
> <a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
<br>
<br>
_______________________________________________<br>
Users mailing
list<br>
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
</div>
</div>
<span><font color="#888888">--
<br>
<div dir="ltr">
<div>
<div>
<div>Alexander
Sibetheros<br>
</div>
</div>
</div>
</div>
</font></span></div>
<br>
_______________________________________________<br>
Users mailing
list<br>
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
</div>
</div>
<span><font color="#888888">--
<br>
<div dir="ltr">
<div>
<div>
<div>Alexander
Sibetheros<br>
</div>
</div>
</div>
</div>
</font></span></div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
</div>
</div>
<span><font color="#888888">-- <br>
<div dir="ltr">
<div>
<div>
<div>Alexander
Sibetheros<br>
</div>
</div>
</div>
</div>
</font></span></div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div dir="ltr">
<div>
<div>
<div>Alexander Sibetheros<br>
</div>
<div>Student at University of
Athens,<br>
Department of Informatics and
Telecommunications <br>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div dir="ltr">
<div>
<div>
<div>Alexander Sibetheros<br>
</div>
<div>Student at University of Athens,<br>
Department of Informatics and
Telecommunications <br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div dir="ltr">
<div>
<div>
<div>Alexander Sibetheros<br>
</div>
<div>Student at University of Athens,<br>
Department of Informatics and Telecommunications <br>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
<br>
<pre cols="72">--
gpg --keyserver <a href="http://pgp.mit.edu" target="_blank">pgp.mit.edu</a> --recv-keys 0xDB1CAFB5</pre>
</div></div></div>
</blockquote></div><br><br clear="all"><br>-- <br><div dir="ltr"><div><div><div>Alexander Sibetheros<br></div><div>Student at University of Athens,<br>Department of Informatics and Telecommunications <br></div></div></div>
</div>
</div>