You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by jordan j <yo...@gmail.com> on 2023/02/07 16:31:10 UTC
packer for Cloudstack without public ip
Hello everyone,
Has anyone used Packer to build images on CS?
I decided to try it out but it looks like it needs a public IP to access
the VM console and push the initial ISO installation config.
Unfortunately the setup I am working with does not create a public network
(by design - ACS 4.17.2 Advanced Zone + Security Groups).
So when Packer does queue the API with associateIpAddress
<https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html>
to
get public IP - error "Insufficient address capacity" is returned as none
is found.
Moreover the SSVMs use one of the guest networks (For example 172.20.0.0/24)
to get an IP and use it for public services. The Console SVM uses guest IP
(172.20.0.10) as an access point when the console is requested from GUI and
it works.
However when I put that IP in Packer config as a public ip so it does not
do a search query the following error is received - "Error retrieving UUID
of IP address 172.20.0.10". I suppose that happens because the guest IP is
not listed as public in the ACS Database.
Is there a way to list a guest ip manually as a public?
Do you know of any workaround for using a Packer with a config without
public IPs?
Regards,
Jordan
Re: packer for Cloudstack without public ip
Posted by jordan j <yo...@gmail.com>.
This worked - with and without networkid
list publicipaddresses forvirtualnetwork=false allocatedonly=false
Here is an example for one of the IPs:
{
"fordisplay": true,
"forvirtualnetwork": false,
"hasannotations": false,
"id": "5718a19c-16c1-4f44-af89-41426a8ccbd3",
"ipaddress": "172.20.0.100",
"isportable": false,
"issourcenat": false,
"isstaticnat": false,
"issystem": false,
"networkid": "713fd8be-8f3f-4103-9e16-03906a712343",
"networkname": "defaultGuestNetwork",
"physicalnetworkid": "37b9626e-2d77-443e-9c90-5dc2076831e8",
"state": "Free",
"tags": [],
"vlanid": "f943c7a6-47b9-43b3-aabf-381bd31c3682",
"vlanname": "500",
"zoneid": "e169566f-4528-4505-85aa-1da6e54d5e25",
"zonename": "test-sg"
}
I guess I will have to rebuild the Cloudstack Packer provider with these
options in mind and it will work.
Regards,
Jordan
On Wed, Feb 8, 2023 at 3:44 PM Wei ZHOU <us...@gmail.com> wrote:
> Hi Jordan,
>
> You may have missed some sentences in my previous reply.
>
> *forvirtualnetwork = false (for shared networks)*
>
> *allocatedonly = false (list all IPs including Free Ips, you can use
> state=Free instead)*
> *networkid = <id of the shared network>*
>
> *-Wei*
>
>
>
> On Wed, 8 Feb 2023 at 14:20, jordan j <yo...@gmail.com> wrote:
>
> > i use the command in cloudmonkey with and without the zone. nothing
> fancy.
> >
> > (localcloud) 🐱 > list publicipaddresses
> > (localcloud) 🐱 > list publicipaddresses
> > zoneid=e169566f-4528-4505-85aa-1da6e54d5e25
> >
> > On Wed, Feb 8, 2023 at 3:14 PM Wei ZHOU <us...@gmail.com> wrote:
> >
> > > Hi Jordan,
> > >
> > > Can you share the commands ?
> > >
> > > -Wei
> > >
> > > On Wed, 8 Feb 2023 at 14:09, jordan j <yo...@gmail.com> wrote:
> > >
> > > > Just deployed a new advanced zone with SG and created a few networks
> > > based
> > > > on the DefaultSharedNetworkOfferingWithSGService and that still shows
> > > empty
> > > > listPublicIpAddresses result.
> > > >
> > > > I also tried to deploy an advanced zone with SG from GUI so it uses
> > > default
> > > > settings but the result is the same with no public ip output.
> > > > Weird.
> > > >
> > > > On Wed, Feb 8, 2023 at 12:53 PM Wei ZHOU <us...@gmail.com>
> > wrote:
> > > >
> > > > > Hi Jodan,
> > > > >
> > > > > listPublicIpAddresses works for me (in advanced zone with security
> > > > groups)
> > > > >
> > > > > The two options you mentioned are not related I think.
> > > > >
> > > > >
> > > > > -Wei
> > > > >
> > > > > On Wed, 8 Feb 2023 at 10:48, jordan j <yo...@gmail.com> wrote:
> > > > >
> > > > > > Thank you Wei,
> > > > > >
> > > > > > I managed to progress a lot from your advice!
> > > > > > listPublicIpAddresses - give empty output. So I assumed CS does
> not
> > > > > > consider the SG network ips public by default.
> > > > > >
> > > > > > On the setup I do not use the default SG(id=7) Network offering
> > but a
> > > > > > custom one(id=21) so I compared the two and found the following
> > > > > > differences:
> > > > > > +----+----------------------+-------------------------+
> > > > > > | id | dedicated_lb_service | eip_associate_public_ip |
> > > > > > +----+----------------------+-------------------------+
> > > > > > | 7 | 1 |
> 1 |
> > > > > > | 21 | 0 | 0
> |
> > > > > > +----+----------------------+-------------------------+
> > > > > >
> > > > > > So my question is which one is necessary for the ips to be
> > considered
> > > > > > public and also how to apply both options when creating the
> network
> > > > > > offering from CLI?
> > > > > > From the API doc I see that there is an argument called
> > > > > > *servicecapabilitylist *but there is information on how to use
> it.
> > > > > >
> > > > > > I found a few code snippets on how to use it:
> > > > > > service_capabilities:
> > > > > > - {service: 'SourceNat', capabilitytype: 'RedundantRouter',
> > > > > > capabilityvalue: true}
> > > > > > - {service: 'Connectivity', capabilitytype:
> > 'DistributedRouter',
> > > > > > capabilityvalue: true}
> > > > > > - {service: 'Connectivity', capabilitytype: 'RegionLevelVPC',
> > > > > > capabilityvalue: true}
> > > > > >
> > > > > > but i can't find a list of services and capability types to be
> > used
> > > as
> > > > > > input to change dedicated_lb_service and
> eip_associate_public_ip.
> > > > > > Is such list present somewhere?
> > > > > >
> > > > > > Regards,
> > > > > > Jordan
> > > > > >
> > > > > >
> > > > > > On Wed, Feb 8, 2023 at 9:56 AM Wei ZHOU <us...@gmail.com>
> > > wrote:
> > > > > >
> > > > > > > Hi Jordan,
> > > > > > >
> > > > > > > The API associateIpAddress does not work for advanced zones
> with
> > > > > security
> > > > > > > groups.
> > > > > > >
> > > > > > > In advanced zones with security groups, all Ips are public. You
> > can
> > > > use
> > > > > > the
> > > > > > > API "listPublicIpAddresses" to get a list of IPs.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
> > > > > > >
> > > > > > > *forvirtualnetwork = false (for shared networks)*
> > > > > > >
> > > > > > > *allocatedonly = false (list all IPs including Free Ips, you
> can
> > > use
> > > > > > > state=Free instead)*
> > > > > > >
> > > > > > > *networkid = <id of the shared network>*
> > > > > > >
> > > > > > > -Wei
> > > > > > >
> > > > > > > On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com>
> > wrote:
> > > > > > >
> > > > > > > > Hello everyone,
> > > > > > > >
> > > > > > > > Has anyone used Packer to build images on CS?
> > > > > > > > I decided to try it out but it looks like it needs a public
> IP
> > to
> > > > > > access
> > > > > > > > the VM console and push the initial ISO installation config.
> > > > > > > >
> > > > > > > > Unfortunately the setup I am working with does not create a
> > > public
> > > > > > > network
> > > > > > > > (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> > > > > > > > So when Packer does queue the API with associateIpAddress
> > > > > > > > <
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> > > > > > > > >
> > > > > > > > to
> > > > > > > > get public IP - error "Insufficient address capacity" is
> > returned
> > > > as
> > > > > > none
> > > > > > > > is found.
> > > > > > > >
> > > > > > > > Moreover the SSVMs use one of the guest networks (For example
> > > > > > > > 172.20.0.0/24)
> > > > > > > > to get an IP and use it for public services. The Console SVM
> > uses
> > > > > guest
> > > > > > > IP
> > > > > > > > (172.20.0.10) as an access point when the console is
> requested
> > > from
> > > > > GUI
> > > > > > > and
> > > > > > > > it works.
> > > > > > > >
> > > > > > > > However when I put that IP in Packer config as a public ip so
> > it
> > > > does
> > > > > > not
> > > > > > > > do a search query the following error is received - "Error
> > > > retrieving
> > > > > > > UUID
> > > > > > > > of IP address 172.20.0.10". I suppose that happens because
> the
> > > > guest
> > > > > IP
> > > > > > > is
> > > > > > > > not listed as public in the ACS Database.
> > > > > > > >
> > > > > > > > Is there a way to list a guest ip manually as a public?
> > > > > > > > Do you know of any workaround for using a Packer with a
> config
> > > > > without
> > > > > > > > public IPs?
> > > > > > > >
> > > > > > > > Regards,
> > > > > > > > Jordan
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: packer for Cloudstack without public ip
Posted by Wei ZHOU <us...@gmail.com>.
Hi Jordan,
You may have missed some sentences in my previous reply.
*forvirtualnetwork = false (for shared networks)*
*allocatedonly = false (list all IPs including Free Ips, you can use
state=Free instead)*
*networkid = <id of the shared network>*
*-Wei*
On Wed, 8 Feb 2023 at 14:20, jordan j <yo...@gmail.com> wrote:
> i use the command in cloudmonkey with and without the zone. nothing fancy.
>
> (localcloud) 🐱 > list publicipaddresses
> (localcloud) 🐱 > list publicipaddresses
> zoneid=e169566f-4528-4505-85aa-1da6e54d5e25
>
> On Wed, Feb 8, 2023 at 3:14 PM Wei ZHOU <us...@gmail.com> wrote:
>
> > Hi Jordan,
> >
> > Can you share the commands ?
> >
> > -Wei
> >
> > On Wed, 8 Feb 2023 at 14:09, jordan j <yo...@gmail.com> wrote:
> >
> > > Just deployed a new advanced zone with SG and created a few networks
> > based
> > > on the DefaultSharedNetworkOfferingWithSGService and that still shows
> > empty
> > > listPublicIpAddresses result.
> > >
> > > I also tried to deploy an advanced zone with SG from GUI so it uses
> > default
> > > settings but the result is the same with no public ip output.
> > > Weird.
> > >
> > > On Wed, Feb 8, 2023 at 12:53 PM Wei ZHOU <us...@gmail.com>
> wrote:
> > >
> > > > Hi Jodan,
> > > >
> > > > listPublicIpAddresses works for me (in advanced zone with security
> > > groups)
> > > >
> > > > The two options you mentioned are not related I think.
> > > >
> > > >
> > > > -Wei
> > > >
> > > > On Wed, 8 Feb 2023 at 10:48, jordan j <yo...@gmail.com> wrote:
> > > >
> > > > > Thank you Wei,
> > > > >
> > > > > I managed to progress a lot from your advice!
> > > > > listPublicIpAddresses - give empty output. So I assumed CS does not
> > > > > consider the SG network ips public by default.
> > > > >
> > > > > On the setup I do not use the default SG(id=7) Network offering
> but a
> > > > > custom one(id=21) so I compared the two and found the following
> > > > > differences:
> > > > > +----+----------------------+-------------------------+
> > > > > | id | dedicated_lb_service | eip_associate_public_ip |
> > > > > +----+----------------------+-------------------------+
> > > > > | 7 | 1 | 1 |
> > > > > | 21 | 0 | 0 |
> > > > > +----+----------------------+-------------------------+
> > > > >
> > > > > So my question is which one is necessary for the ips to be
> considered
> > > > > public and also how to apply both options when creating the network
> > > > > offering from CLI?
> > > > > From the API doc I see that there is an argument called
> > > > > *servicecapabilitylist *but there is information on how to use it.
> > > > >
> > > > > I found a few code snippets on how to use it:
> > > > > service_capabilities:
> > > > > - {service: 'SourceNat', capabilitytype: 'RedundantRouter',
> > > > > capabilityvalue: true}
> > > > > - {service: 'Connectivity', capabilitytype:
> 'DistributedRouter',
> > > > > capabilityvalue: true}
> > > > > - {service: 'Connectivity', capabilitytype: 'RegionLevelVPC',
> > > > > capabilityvalue: true}
> > > > >
> > > > > but i can't find a list of services and capability types to be
> used
> > as
> > > > > input to change dedicated_lb_service and eip_associate_public_ip.
> > > > > Is such list present somewhere?
> > > > >
> > > > > Regards,
> > > > > Jordan
> > > > >
> > > > >
> > > > > On Wed, Feb 8, 2023 at 9:56 AM Wei ZHOU <us...@gmail.com>
> > wrote:
> > > > >
> > > > > > Hi Jordan,
> > > > > >
> > > > > > The API associateIpAddress does not work for advanced zones with
> > > > security
> > > > > > groups.
> > > > > >
> > > > > > In advanced zones with security groups, all Ips are public. You
> can
> > > use
> > > > > the
> > > > > > API "listPublicIpAddresses" to get a list of IPs.
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
> > > > > >
> > > > > > *forvirtualnetwork = false (for shared networks)*
> > > > > >
> > > > > > *allocatedonly = false (list all IPs including Free Ips, you can
> > use
> > > > > > state=Free instead)*
> > > > > >
> > > > > > *networkid = <id of the shared network>*
> > > > > >
> > > > > > -Wei
> > > > > >
> > > > > > On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com>
> wrote:
> > > > > >
> > > > > > > Hello everyone,
> > > > > > >
> > > > > > > Has anyone used Packer to build images on CS?
> > > > > > > I decided to try it out but it looks like it needs a public IP
> to
> > > > > access
> > > > > > > the VM console and push the initial ISO installation config.
> > > > > > >
> > > > > > > Unfortunately the setup I am working with does not create a
> > public
> > > > > > network
> > > > > > > (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> > > > > > > So when Packer does queue the API with associateIpAddress
> > > > > > > <
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> > > > > > > >
> > > > > > > to
> > > > > > > get public IP - error "Insufficient address capacity" is
> returned
> > > as
> > > > > none
> > > > > > > is found.
> > > > > > >
> > > > > > > Moreover the SSVMs use one of the guest networks (For example
> > > > > > > 172.20.0.0/24)
> > > > > > > to get an IP and use it for public services. The Console SVM
> uses
> > > > guest
> > > > > > IP
> > > > > > > (172.20.0.10) as an access point when the console is requested
> > from
> > > > GUI
> > > > > > and
> > > > > > > it works.
> > > > > > >
> > > > > > > However when I put that IP in Packer config as a public ip so
> it
> > > does
> > > > > not
> > > > > > > do a search query the following error is received - "Error
> > > retrieving
> > > > > > UUID
> > > > > > > of IP address 172.20.0.10". I suppose that happens because the
> > > guest
> > > > IP
> > > > > > is
> > > > > > > not listed as public in the ACS Database.
> > > > > > >
> > > > > > > Is there a way to list a guest ip manually as a public?
> > > > > > > Do you know of any workaround for using a Packer with a config
> > > > without
> > > > > > > public IPs?
> > > > > > >
> > > > > > > Regards,
> > > > > > > Jordan
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: packer for Cloudstack without public ip
Posted by jordan j <yo...@gmail.com>.
i use the command in cloudmonkey with and without the zone. nothing fancy.
(localcloud) 🐱 > list publicipaddresses
(localcloud) 🐱 > list publicipaddresses
zoneid=e169566f-4528-4505-85aa-1da6e54d5e25
On Wed, Feb 8, 2023 at 3:14 PM Wei ZHOU <us...@gmail.com> wrote:
> Hi Jordan,
>
> Can you share the commands ?
>
> -Wei
>
> On Wed, 8 Feb 2023 at 14:09, jordan j <yo...@gmail.com> wrote:
>
> > Just deployed a new advanced zone with SG and created a few networks
> based
> > on the DefaultSharedNetworkOfferingWithSGService and that still shows
> empty
> > listPublicIpAddresses result.
> >
> > I also tried to deploy an advanced zone with SG from GUI so it uses
> default
> > settings but the result is the same with no public ip output.
> > Weird.
> >
> > On Wed, Feb 8, 2023 at 12:53 PM Wei ZHOU <us...@gmail.com> wrote:
> >
> > > Hi Jodan,
> > >
> > > listPublicIpAddresses works for me (in advanced zone with security
> > groups)
> > >
> > > The two options you mentioned are not related I think.
> > >
> > >
> > > -Wei
> > >
> > > On Wed, 8 Feb 2023 at 10:48, jordan j <yo...@gmail.com> wrote:
> > >
> > > > Thank you Wei,
> > > >
> > > > I managed to progress a lot from your advice!
> > > > listPublicIpAddresses - give empty output. So I assumed CS does not
> > > > consider the SG network ips public by default.
> > > >
> > > > On the setup I do not use the default SG(id=7) Network offering but a
> > > > custom one(id=21) so I compared the two and found the following
> > > > differences:
> > > > +----+----------------------+-------------------------+
> > > > | id | dedicated_lb_service | eip_associate_public_ip |
> > > > +----+----------------------+-------------------------+
> > > > | 7 | 1 | 1 |
> > > > | 21 | 0 | 0 |
> > > > +----+----------------------+-------------------------+
> > > >
> > > > So my question is which one is necessary for the ips to be considered
> > > > public and also how to apply both options when creating the network
> > > > offering from CLI?
> > > > From the API doc I see that there is an argument called
> > > > *servicecapabilitylist *but there is information on how to use it.
> > > >
> > > > I found a few code snippets on how to use it:
> > > > service_capabilities:
> > > > - {service: 'SourceNat', capabilitytype: 'RedundantRouter',
> > > > capabilityvalue: true}
> > > > - {service: 'Connectivity', capabilitytype: 'DistributedRouter',
> > > > capabilityvalue: true}
> > > > - {service: 'Connectivity', capabilitytype: 'RegionLevelVPC',
> > > > capabilityvalue: true}
> > > >
> > > > but i can't find a list of services and capability types to be used
> as
> > > > input to change dedicated_lb_service and eip_associate_public_ip.
> > > > Is such list present somewhere?
> > > >
> > > > Regards,
> > > > Jordan
> > > >
> > > >
> > > > On Wed, Feb 8, 2023 at 9:56 AM Wei ZHOU <us...@gmail.com>
> wrote:
> > > >
> > > > > Hi Jordan,
> > > > >
> > > > > The API associateIpAddress does not work for advanced zones with
> > > security
> > > > > groups.
> > > > >
> > > > > In advanced zones with security groups, all Ips are public. You can
> > use
> > > > the
> > > > > API "listPublicIpAddresses" to get a list of IPs.
> > > > >
> > > > >
> > > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
> > > > >
> > > > > *forvirtualnetwork = false (for shared networks)*
> > > > >
> > > > > *allocatedonly = false (list all IPs including Free Ips, you can
> use
> > > > > state=Free instead)*
> > > > >
> > > > > *networkid = <id of the shared network>*
> > > > >
> > > > > -Wei
> > > > >
> > > > > On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com> wrote:
> > > > >
> > > > > > Hello everyone,
> > > > > >
> > > > > > Has anyone used Packer to build images on CS?
> > > > > > I decided to try it out but it looks like it needs a public IP to
> > > > access
> > > > > > the VM console and push the initial ISO installation config.
> > > > > >
> > > > > > Unfortunately the setup I am working with does not create a
> public
> > > > > network
> > > > > > (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> > > > > > So when Packer does queue the API with associateIpAddress
> > > > > > <
> > > > > >
> > > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> > > > > > >
> > > > > > to
> > > > > > get public IP - error "Insufficient address capacity" is returned
> > as
> > > > none
> > > > > > is found.
> > > > > >
> > > > > > Moreover the SSVMs use one of the guest networks (For example
> > > > > > 172.20.0.0/24)
> > > > > > to get an IP and use it for public services. The Console SVM uses
> > > guest
> > > > > IP
> > > > > > (172.20.0.10) as an access point when the console is requested
> from
> > > GUI
> > > > > and
> > > > > > it works.
> > > > > >
> > > > > > However when I put that IP in Packer config as a public ip so it
> > does
> > > > not
> > > > > > do a search query the following error is received - "Error
> > retrieving
> > > > > UUID
> > > > > > of IP address 172.20.0.10". I suppose that happens because the
> > guest
> > > IP
> > > > > is
> > > > > > not listed as public in the ACS Database.
> > > > > >
> > > > > > Is there a way to list a guest ip manually as a public?
> > > > > > Do you know of any workaround for using a Packer with a config
> > > without
> > > > > > public IPs?
> > > > > >
> > > > > > Regards,
> > > > > > Jordan
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: packer for Cloudstack without public ip
Posted by Wei ZHOU <us...@gmail.com>.
Hi Jordan,
Can you share the commands ?
-Wei
On Wed, 8 Feb 2023 at 14:09, jordan j <yo...@gmail.com> wrote:
> Just deployed a new advanced zone with SG and created a few networks based
> on the DefaultSharedNetworkOfferingWithSGService and that still shows empty
> listPublicIpAddresses result.
>
> I also tried to deploy an advanced zone with SG from GUI so it uses default
> settings but the result is the same with no public ip output.
> Weird.
>
> On Wed, Feb 8, 2023 at 12:53 PM Wei ZHOU <us...@gmail.com> wrote:
>
> > Hi Jodan,
> >
> > listPublicIpAddresses works for me (in advanced zone with security
> groups)
> >
> > The two options you mentioned are not related I think.
> >
> >
> > -Wei
> >
> > On Wed, 8 Feb 2023 at 10:48, jordan j <yo...@gmail.com> wrote:
> >
> > > Thank you Wei,
> > >
> > > I managed to progress a lot from your advice!
> > > listPublicIpAddresses - give empty output. So I assumed CS does not
> > > consider the SG network ips public by default.
> > >
> > > On the setup I do not use the default SG(id=7) Network offering but a
> > > custom one(id=21) so I compared the two and found the following
> > > differences:
> > > +----+----------------------+-------------------------+
> > > | id | dedicated_lb_service | eip_associate_public_ip |
> > > +----+----------------------+-------------------------+
> > > | 7 | 1 | 1 |
> > > | 21 | 0 | 0 |
> > > +----+----------------------+-------------------------+
> > >
> > > So my question is which one is necessary for the ips to be considered
> > > public and also how to apply both options when creating the network
> > > offering from CLI?
> > > From the API doc I see that there is an argument called
> > > *servicecapabilitylist *but there is information on how to use it.
> > >
> > > I found a few code snippets on how to use it:
> > > service_capabilities:
> > > - {service: 'SourceNat', capabilitytype: 'RedundantRouter',
> > > capabilityvalue: true}
> > > - {service: 'Connectivity', capabilitytype: 'DistributedRouter',
> > > capabilityvalue: true}
> > > - {service: 'Connectivity', capabilitytype: 'RegionLevelVPC',
> > > capabilityvalue: true}
> > >
> > > but i can't find a list of services and capability types to be used as
> > > input to change dedicated_lb_service and eip_associate_public_ip.
> > > Is such list present somewhere?
> > >
> > > Regards,
> > > Jordan
> > >
> > >
> > > On Wed, Feb 8, 2023 at 9:56 AM Wei ZHOU <us...@gmail.com> wrote:
> > >
> > > > Hi Jordan,
> > > >
> > > > The API associateIpAddress does not work for advanced zones with
> > security
> > > > groups.
> > > >
> > > > In advanced zones with security groups, all Ips are public. You can
> use
> > > the
> > > > API "listPublicIpAddresses" to get a list of IPs.
> > > >
> > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
> > > >
> > > > *forvirtualnetwork = false (for shared networks)*
> > > >
> > > > *allocatedonly = false (list all IPs including Free Ips, you can use
> > > > state=Free instead)*
> > > >
> > > > *networkid = <id of the shared network>*
> > > >
> > > > -Wei
> > > >
> > > > On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com> wrote:
> > > >
> > > > > Hello everyone,
> > > > >
> > > > > Has anyone used Packer to build images on CS?
> > > > > I decided to try it out but it looks like it needs a public IP to
> > > access
> > > > > the VM console and push the initial ISO installation config.
> > > > >
> > > > > Unfortunately the setup I am working with does not create a public
> > > > network
> > > > > (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> > > > > So when Packer does queue the API with associateIpAddress
> > > > > <
> > > > >
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> > > > > >
> > > > > to
> > > > > get public IP - error "Insufficient address capacity" is returned
> as
> > > none
> > > > > is found.
> > > > >
> > > > > Moreover the SSVMs use one of the guest networks (For example
> > > > > 172.20.0.0/24)
> > > > > to get an IP and use it for public services. The Console SVM uses
> > guest
> > > > IP
> > > > > (172.20.0.10) as an access point when the console is requested from
> > GUI
> > > > and
> > > > > it works.
> > > > >
> > > > > However when I put that IP in Packer config as a public ip so it
> does
> > > not
> > > > > do a search query the following error is received - "Error
> retrieving
> > > > UUID
> > > > > of IP address 172.20.0.10". I suppose that happens because the
> guest
> > IP
> > > > is
> > > > > not listed as public in the ACS Database.
> > > > >
> > > > > Is there a way to list a guest ip manually as a public?
> > > > > Do you know of any workaround for using a Packer with a config
> > without
> > > > > public IPs?
> > > > >
> > > > > Regards,
> > > > > Jordan
> > > > >
> > > >
> > >
> >
>
Re: packer for Cloudstack without public ip
Posted by jordan j <yo...@gmail.com>.
Just deployed a new advanced zone with SG and created a few networks based
on the DefaultSharedNetworkOfferingWithSGService and that still shows empty
listPublicIpAddresses result.
I also tried to deploy an advanced zone with SG from GUI so it uses default
settings but the result is the same with no public ip output.
Weird.
On Wed, Feb 8, 2023 at 12:53 PM Wei ZHOU <us...@gmail.com> wrote:
> Hi Jodan,
>
> listPublicIpAddresses works for me (in advanced zone with security groups)
>
> The two options you mentioned are not related I think.
>
>
> -Wei
>
> On Wed, 8 Feb 2023 at 10:48, jordan j <yo...@gmail.com> wrote:
>
> > Thank you Wei,
> >
> > I managed to progress a lot from your advice!
> > listPublicIpAddresses - give empty output. So I assumed CS does not
> > consider the SG network ips public by default.
> >
> > On the setup I do not use the default SG(id=7) Network offering but a
> > custom one(id=21) so I compared the two and found the following
> > differences:
> > +----+----------------------+-------------------------+
> > | id | dedicated_lb_service | eip_associate_public_ip |
> > +----+----------------------+-------------------------+
> > | 7 | 1 | 1 |
> > | 21 | 0 | 0 |
> > +----+----------------------+-------------------------+
> >
> > So my question is which one is necessary for the ips to be considered
> > public and also how to apply both options when creating the network
> > offering from CLI?
> > From the API doc I see that there is an argument called
> > *servicecapabilitylist *but there is information on how to use it.
> >
> > I found a few code snippets on how to use it:
> > service_capabilities:
> > - {service: 'SourceNat', capabilitytype: 'RedundantRouter',
> > capabilityvalue: true}
> > - {service: 'Connectivity', capabilitytype: 'DistributedRouter',
> > capabilityvalue: true}
> > - {service: 'Connectivity', capabilitytype: 'RegionLevelVPC',
> > capabilityvalue: true}
> >
> > but i can't find a list of services and capability types to be used as
> > input to change dedicated_lb_service and eip_associate_public_ip.
> > Is such list present somewhere?
> >
> > Regards,
> > Jordan
> >
> >
> > On Wed, Feb 8, 2023 at 9:56 AM Wei ZHOU <us...@gmail.com> wrote:
> >
> > > Hi Jordan,
> > >
> > > The API associateIpAddress does not work for advanced zones with
> security
> > > groups.
> > >
> > > In advanced zones with security groups, all Ips are public. You can use
> > the
> > > API "listPublicIpAddresses" to get a list of IPs.
> > >
> > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
> > >
> > > *forvirtualnetwork = false (for shared networks)*
> > >
> > > *allocatedonly = false (list all IPs including Free Ips, you can use
> > > state=Free instead)*
> > >
> > > *networkid = <id of the shared network>*
> > >
> > > -Wei
> > >
> > > On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com> wrote:
> > >
> > > > Hello everyone,
> > > >
> > > > Has anyone used Packer to build images on CS?
> > > > I decided to try it out but it looks like it needs a public IP to
> > access
> > > > the VM console and push the initial ISO installation config.
> > > >
> > > > Unfortunately the setup I am working with does not create a public
> > > network
> > > > (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> > > > So when Packer does queue the API with associateIpAddress
> > > > <
> > > >
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> > > > >
> > > > to
> > > > get public IP - error "Insufficient address capacity" is returned as
> > none
> > > > is found.
> > > >
> > > > Moreover the SSVMs use one of the guest networks (For example
> > > > 172.20.0.0/24)
> > > > to get an IP and use it for public services. The Console SVM uses
> guest
> > > IP
> > > > (172.20.0.10) as an access point when the console is requested from
> GUI
> > > and
> > > > it works.
> > > >
> > > > However when I put that IP in Packer config as a public ip so it does
> > not
> > > > do a search query the following error is received - "Error retrieving
> > > UUID
> > > > of IP address 172.20.0.10". I suppose that happens because the guest
> IP
> > > is
> > > > not listed as public in the ACS Database.
> > > >
> > > > Is there a way to list a guest ip manually as a public?
> > > > Do you know of any workaround for using a Packer with a config
> without
> > > > public IPs?
> > > >
> > > > Regards,
> > > > Jordan
> > > >
> > >
> >
>
Re: packer for Cloudstack without public ip
Posted by Wei ZHOU <us...@gmail.com>.
Hi Jodan,
listPublicIpAddresses works for me (in advanced zone with security groups)
The two options you mentioned are not related I think.
-Wei
On Wed, 8 Feb 2023 at 10:48, jordan j <yo...@gmail.com> wrote:
> Thank you Wei,
>
> I managed to progress a lot from your advice!
> listPublicIpAddresses - give empty output. So I assumed CS does not
> consider the SG network ips public by default.
>
> On the setup I do not use the default SG(id=7) Network offering but a
> custom one(id=21) so I compared the two and found the following
> differences:
> +----+----------------------+-------------------------+
> | id | dedicated_lb_service | eip_associate_public_ip |
> +----+----------------------+-------------------------+
> | 7 | 1 | 1 |
> | 21 | 0 | 0 |
> +----+----------------------+-------------------------+
>
> So my question is which one is necessary for the ips to be considered
> public and also how to apply both options when creating the network
> offering from CLI?
> From the API doc I see that there is an argument called
> *servicecapabilitylist *but there is information on how to use it.
>
> I found a few code snippets on how to use it:
> service_capabilities:
> - {service: 'SourceNat', capabilitytype: 'RedundantRouter',
> capabilityvalue: true}
> - {service: 'Connectivity', capabilitytype: 'DistributedRouter',
> capabilityvalue: true}
> - {service: 'Connectivity', capabilitytype: 'RegionLevelVPC',
> capabilityvalue: true}
>
> but i can't find a list of services and capability types to be used as
> input to change dedicated_lb_service and eip_associate_public_ip.
> Is such list present somewhere?
>
> Regards,
> Jordan
>
>
> On Wed, Feb 8, 2023 at 9:56 AM Wei ZHOU <us...@gmail.com> wrote:
>
> > Hi Jordan,
> >
> > The API associateIpAddress does not work for advanced zones with security
> > groups.
> >
> > In advanced zones with security groups, all Ips are public. You can use
> the
> > API "listPublicIpAddresses" to get a list of IPs.
> >
> >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
> >
> > *forvirtualnetwork = false (for shared networks)*
> >
> > *allocatedonly = false (list all IPs including Free Ips, you can use
> > state=Free instead)*
> >
> > *networkid = <id of the shared network>*
> >
> > -Wei
> >
> > On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com> wrote:
> >
> > > Hello everyone,
> > >
> > > Has anyone used Packer to build images on CS?
> > > I decided to try it out but it looks like it needs a public IP to
> access
> > > the VM console and push the initial ISO installation config.
> > >
> > > Unfortunately the setup I am working with does not create a public
> > network
> > > (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> > > So when Packer does queue the API with associateIpAddress
> > > <
> > >
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> > > >
> > > to
> > > get public IP - error "Insufficient address capacity" is returned as
> none
> > > is found.
> > >
> > > Moreover the SSVMs use one of the guest networks (For example
> > > 172.20.0.0/24)
> > > to get an IP and use it for public services. The Console SVM uses guest
> > IP
> > > (172.20.0.10) as an access point when the console is requested from GUI
> > and
> > > it works.
> > >
> > > However when I put that IP in Packer config as a public ip so it does
> not
> > > do a search query the following error is received - "Error retrieving
> > UUID
> > > of IP address 172.20.0.10". I suppose that happens because the guest IP
> > is
> > > not listed as public in the ACS Database.
> > >
> > > Is there a way to list a guest ip manually as a public?
> > > Do you know of any workaround for using a Packer with a config without
> > > public IPs?
> > >
> > > Regards,
> > > Jordan
> > >
> >
>
Re: packer for Cloudstack without public ip
Posted by jordan j <yo...@gmail.com>.
Thank you Wei,
I managed to progress a lot from your advice!
listPublicIpAddresses - give empty output. So I assumed CS does not
consider the SG network ips public by default.
On the setup I do not use the default SG(id=7) Network offering but a
custom one(id=21) so I compared the two and found the following differences:
+----+----------------------+-------------------------+
| id | dedicated_lb_service | eip_associate_public_ip |
+----+----------------------+-------------------------+
| 7 | 1 | 1 |
| 21 | 0 | 0 |
+----+----------------------+-------------------------+
So my question is which one is necessary for the ips to be considered
public and also how to apply both options when creating the network
offering from CLI?
From the API doc I see that there is an argument called
*servicecapabilitylist *but there is information on how to use it.
I found a few code snippets on how to use it:
service_capabilities:
- {service: 'SourceNat', capabilitytype: 'RedundantRouter',
capabilityvalue: true}
- {service: 'Connectivity', capabilitytype: 'DistributedRouter',
capabilityvalue: true}
- {service: 'Connectivity', capabilitytype: 'RegionLevelVPC',
capabilityvalue: true}
but i can't find a list of services and capability types to be used as
input to change dedicated_lb_service and eip_associate_public_ip.
Is such list present somewhere?
Regards,
Jordan
On Wed, Feb 8, 2023 at 9:56 AM Wei ZHOU <us...@gmail.com> wrote:
> Hi Jordan,
>
> The API associateIpAddress does not work for advanced zones with security
> groups.
>
> In advanced zones with security groups, all Ips are public. You can use the
> API "listPublicIpAddresses" to get a list of IPs.
>
>
> https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
>
> *forvirtualnetwork = false (for shared networks)*
>
> *allocatedonly = false (list all IPs including Free Ips, you can use
> state=Free instead)*
>
> *networkid = <id of the shared network>*
>
> -Wei
>
> On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com> wrote:
>
> > Hello everyone,
> >
> > Has anyone used Packer to build images on CS?
> > I decided to try it out but it looks like it needs a public IP to access
> > the VM console and push the initial ISO installation config.
> >
> > Unfortunately the setup I am working with does not create a public
> network
> > (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> > So when Packer does queue the API with associateIpAddress
> > <
> >
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> > >
> > to
> > get public IP - error "Insufficient address capacity" is returned as none
> > is found.
> >
> > Moreover the SSVMs use one of the guest networks (For example
> > 172.20.0.0/24)
> > to get an IP and use it for public services. The Console SVM uses guest
> IP
> > (172.20.0.10) as an access point when the console is requested from GUI
> and
> > it works.
> >
> > However when I put that IP in Packer config as a public ip so it does not
> > do a search query the following error is received - "Error retrieving
> UUID
> > of IP address 172.20.0.10". I suppose that happens because the guest IP
> is
> > not listed as public in the ACS Database.
> >
> > Is there a way to list a guest ip manually as a public?
> > Do you know of any workaround for using a Packer with a config without
> > public IPs?
> >
> > Regards,
> > Jordan
> >
>
Re: packer for Cloudstack without public ip
Posted by Wei ZHOU <us...@gmail.com>.
Hi Jordan,
The API associateIpAddress does not work for advanced zones with security
groups.
In advanced zones with security groups, all Ips are public. You can use the
API "listPublicIpAddresses" to get a list of IPs.
https://cloudstack.apache.org/api/apidocs-4.17/apis/listPublicIpAddresses.html
*forvirtualnetwork = false (for shared networks)*
*allocatedonly = false (list all IPs including Free Ips, you can use
state=Free instead)*
*networkid = <id of the shared network>*
-Wei
On Wed, 8 Feb 2023 at 08:36, jordan j <yo...@gmail.com> wrote:
> Hello everyone,
>
> Has anyone used Packer to build images on CS?
> I decided to try it out but it looks like it needs a public IP to access
> the VM console and push the initial ISO installation config.
>
> Unfortunately the setup I am working with does not create a public network
> (by design - ACS 4.17.2 Advanced Zone + Security Groups).
> So when Packer does queue the API with associateIpAddress
> <
> https://cloudstack.apache.org/api/apidocs-4.17/apis/associateIpAddress.html
> >
> to
> get public IP - error "Insufficient address capacity" is returned as none
> is found.
>
> Moreover the SSVMs use one of the guest networks (For example
> 172.20.0.0/24)
> to get an IP and use it for public services. The Console SVM uses guest IP
> (172.20.0.10) as an access point when the console is requested from GUI and
> it works.
>
> However when I put that IP in Packer config as a public ip so it does not
> do a search query the following error is received - "Error retrieving UUID
> of IP address 172.20.0.10". I suppose that happens because the guest IP is
> not listed as public in the ACS Database.
>
> Is there a way to list a guest ip manually as a public?
> Do you know of any workaround for using a Packer with a config without
> public IPs?
>
> Regards,
> Jordan
>