You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by Mo <mo...@daoenix.com> on 2014/05/22 03:14:38 UTC

Proxy Console (RealhostIP Retired) Question

Hello:

I am attempting to find more information (read: step by step) how to
correct the issue that came to be when realhostip was retired.

The links I saw suggested I setup the following for every IP address in my
DNS Zone:

192-168-1-1.cloud.domain.tld        IN    A    192.168.1.1

I have done that for ALL my IPs. Restarted my named/bind service. Not only
am I not obtaining an A record with this configuration, but I am also still
unable to proceed in getting console access as it states it's unable to
resolve the DNS.

All my other DNS resolves without issue, please note; 192.x is just an IP
address I tossed in this e-mail for general purposes, I am utilizing public
subnets.

I have also purchased an SSL certificate went through all of that too, if
someone could point me in the right direction or perhaps offer ideas
(alternates) that would be fantastic.

Thanks,
Mo

Re: Proxy Console (RealhostIP Retired) Question

Posted by Eric Tykwinski <er...@truenet.com>.

Actually, I would second the step by step.  I haven't attempted to transfer to a *.domain.com yet, but would like to see a blog about it.
Citrix's example seems to be a bit lacking in details: http://support.citrix.com/article/CTX133468

PS. I would also add how to use that same cert on the management server as well, as I suck at TomCat... ;o)

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
F: 610-429-3222

On May 21, 2014, at 9:14 PM, Mo <mo...@daoenix.com> wrote:

> Hello:
> 
> I am attempting to find more information (read: step by step) how to
> correct the issue that came to be when realhostip was retired.
> 
> The links I saw suggested I setup the following for every IP address in my
> DNS Zone:
> 
> 192-168-1-1.cloud.domain.tld        IN    A    192.168.1.1
> 
> I have done that for ALL my IPs. Restarted my named/bind service. Not only
> am I not obtaining an A record with this configuration, but I am also still
> unable to proceed in getting console access as it states it's unable to
> resolve the DNS.
> 
> All my other DNS resolves without issue, please note; 192.x is just an IP
> address I tossed in this e-mail for general purposes, I am utilizing public
> subnets.
> 
> I have also purchased an SSL certificate went through all of that too, if
> someone could point me in the right direction or perhaps offer ideas
> (alternates) that would be fantastic.
> 
> Thanks,
> Mo

Re: Proxy Console (RealhostIP Retired) Question

Posted by Erik Weber <te...@gmail.com>.

If the domain names aren't resolving, it would be easier to help you if you
revealed your actual zone data and provided some dig / dns captures.

Do other records for the same domain resolve, e.g. foo.cloud.domain.tld?


Erik Weber


On Thu, May 22, 2014 at 1:46 PM, Mo <mo...@daoenix.com> wrote:

> Alex,
>
> I understood how to upgrade SSL, however; that's not the issue at hand. The
> issue is I am looking for a guide to correctly setup a DNS Zone to allow
> the console to work. As I mentioned in my first update, I have the
> following:
>
> 192-168-1-1.cloud.domain.tld        IN    A    192.168.1.1 (reverted to
> private IP to mask my actual IPs)
>
> I have done that for each of my public facing IP addresses within my DNS
> zone for the particular domain in question. However, in doing so, I am not
> showing this to be resolving; thus resulting me being in a stand still
> unable to continue setting up instances.
>
> Any help would be greatly appreciated.
>
> - mo
>
>
> On Thu, May 22, 2014 at 6:00 AM, Alex Hitchins <alex@alexhitchins.com
> >wrote:
>
> > Hello Mo,
> >
> > You can see our guide here :
> >
> http://shapeblue.com/cloudstack/how-to-mitigate-openssl-heartbleed-vulnerability-in-apache-cloudstack/
> >
> >
> >
> >
> > Alex Hitchins | 07788 423 969 | 01892 523 587
> >
> > -----Original Message-----
> > From: Mo [mailto:mo@daoenix.com]
> > Sent: 22 May 2014 02:15
> > To: users@cloudstack.apache.org; dev
> > Subject: Proxy Console (RealhostIP Retired) Question
> >
> > Hello:
> >
> > I am attempting to find more information (read: step by step) how to
> > correct the issue that came to be when realhostip was retired.
> >
> > The links I saw suggested I setup the following for every IP address in
> my
> > DNS Zone:
> >
> > 192-168-1-1.cloud.domain.tld        IN    A    192.168.1.1
> >
> > I have done that for ALL my IPs. Restarted my named/bind service. Not
> only
> > am I not obtaining an A record with this configuration, but I am also
> still
> > unable to proceed in getting console access as it states it's unable to
> > resolve the DNS.
> >
> > All my other DNS resolves without issue, please note; 192.x is just an IP
> > address I tossed in this e-mail for general purposes, I am utilizing
> public
> > subnets.
> >
> > I have also purchased an SSL certificate went through all of that too, if
> > someone could point me in the right direction or perhaps offer ideas
> > (alternates) that would be fantastic.
> >
> > Thanks,
> > Mo
> >
> >
>

Re: Proxy Console (RealhostIP Retired) Question

Posted by Mo <mo...@daoenix.com>.

Alex,

I understood how to upgrade SSL, however; that's not the issue at hand. The
issue is I am looking for a guide to correctly setup a DNS Zone to allow
the console to work. As I mentioned in my first update, I have the
following:

192-168-1-1.cloud.domain.tld        IN    A    192.168.1.1 (reverted to
private IP to mask my actual IPs)

I have done that for each of my public facing IP addresses within my DNS
zone for the particular domain in question. However, in doing so, I am not
showing this to be resolving; thus resulting me being in a stand still
unable to continue setting up instances.

Any help would be greatly appreciated.

- mo


On Thu, May 22, 2014 at 6:00 AM, Alex Hitchins <al...@alexhitchins.com>wrote:

> Hello Mo,
>
> You can see our guide here :
> http://shapeblue.com/cloudstack/how-to-mitigate-openssl-heartbleed-vulnerability-in-apache-cloudstack/
>
>
>
>
> Alex Hitchins | 07788 423 969 | 01892 523 587
>
> -----Original Message-----
> From: Mo [mailto:mo@daoenix.com]
> Sent: 22 May 2014 02:15
> To: users@cloudstack.apache.org; dev
> Subject: Proxy Console (RealhostIP Retired) Question
>
> Hello:
>
> I am attempting to find more information (read: step by step) how to
> correct the issue that came to be when realhostip was retired.
>
> The links I saw suggested I setup the following for every IP address in my
> DNS Zone:
>
> 192-168-1-1.cloud.domain.tld        IN    A    192.168.1.1
>
> I have done that for ALL my IPs. Restarted my named/bind service. Not only
> am I not obtaining an A record with this configuration, but I am also still
> unable to proceed in getting console access as it states it's unable to
> resolve the DNS.
>
> All my other DNS resolves without issue, please note; 192.x is just an IP
> address I tossed in this e-mail for general purposes, I am utilizing public
> subnets.
>
> I have also purchased an SSL certificate went through all of that too, if
> someone could point me in the right direction or perhaps offer ideas
> (alternates) that would be fantastic.
>
> Thanks,
> Mo
>
>

RE: Proxy Console (RealhostIP Retired) Question

Posted by Alex Hitchins <al...@alexhitchins.com>.

Hello Mo,

You can see our guide here : http://shapeblue.com/cloudstack/how-to-mitigate-openssl-heartbleed-vulnerability-in-apache-cloudstack/




Alex Hitchins | 07788 423 969 | 01892 523 587

-----Original Message-----
From: Mo [mailto:mo@daoenix.com] 
Sent: 22 May 2014 02:15
To: users@cloudstack.apache.org; dev
Subject: Proxy Console (RealhostIP Retired) Question

Hello:

I am attempting to find more information (read: step by step) how to correct the issue that came to be when realhostip was retired.

The links I saw suggested I setup the following for every IP address in my DNS Zone:

192-168-1-1.cloud.domain.tld        IN    A    192.168.1.1

I have done that for ALL my IPs. Restarted my named/bind service. Not only am I not obtaining an A record with this configuration, but I am also still unable to proceed in getting console access as it states it's unable to resolve the DNS.

All my other DNS resolves without issue, please note; 192.x is just an IP address I tossed in this e-mail for general purposes, I am utilizing public subnets.

I have also purchased an SSL certificate went through all of that too, if someone could point me in the right direction or perhaps offer ideas
(alternates) that would be fantastic.

Thanks,
Mo

Re: Proxy Console (RealhostIP Retired) Question

Posted by Amogh Vasekar <am...@citrix.com>.

Hi,
Does the DNS resolve from your local machine? Is the DNS publicly
resolvable, or is it local to your intranet?

Thanks,
Amogh

On 5/21/14 6:14 PM, "Mo" <mo...@daoenix.com> wrote:

>but I am also still
>unable to proceed in getting console access as it states it's unable to
>resolve the DNS.
>
>All my other DNS resolves without issue, please note

Re: Proxy Console (RealhostIP Retired) Question

Posted by Amogh Vasekar <am...@citrix.com>.

Hi,
Does the DNS resolve from your local machine? Is the DNS publicly
resolvable, or is it local to your intranet?

Thanks,
Amogh

On 5/21/14 6:14 PM, "Mo" <mo...@daoenix.com> wrote:

>but I am also still
>unable to proceed in getting console access as it states it's unable to
>resolve the DNS.
>
>All my other DNS resolves without issue, please note