Cloudmin fails to see, create network interfaces after guest has been builded

Submitted by steen on Sat, 01/23/2016 - 12:58

Hello Folks!

After successfully creating and installing a guest, cents 5.11 32 bit with one interface to one of our subnets no interfaces is visible for that guest from whilst looking in cloudmin.

Cloudmin -> System Configuration -> Network Interfaces:

Module Index Help.. Network Interfaces
ali1.vm.radio2.ing-steen.se Add a virtual interface. | Add a real interface. IPv4 Address Interface name Virtual number Netmask
Add a virtual interface. | Add a real interface.

I is empty....

From inside the host this is visible and working: [root@ali1 ~]# ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 02:54:00:b7:ff:80 brd ff:ff:ff:ff:ff:ff inet 172.16.1.129/24 brd 172.16.1.255 scope global eth0 inet6 fe80::54:ff:feb7:ff80/64 scope link valid_lft forever preferred_lft forever 3: sit0: mtu 1480 qdisc noop link/sit 0.0.0.0 bad 0.0.0.0

Trying to create the additional interface to the other subnet via another bridge results in this:

Add a real interface ->

Module Index Help.. Add Real Network Interface
ali1.vm.radio2.ing-steen.se Virtual system network interface details Network interface name eth1 Network bridge on host br1 IP address Allocate automatically Entered address 10.30.0.129 Nitmask 255.255.255.0 IPv6 addresses
IPv6 address Netmask

Network device model virtio

Press create!

Module Index Error
Failed to get list of network interfaces : sh: ip: command not found

<- Return to previous page

What now ?

Status: 
Active

Comments

Submitted by JamieCameron on Sat, 01/23/2016 - 16:36

Can you post the contents of the /etc/sysconfig/network-interfaces/ifcfg-eth0 file from this VM?

Submitted by steen on Sat, 01/23/2016 - 16:46

Hello Jamie!

I did find a workaround, not nice but it worked, yet no visible interfaces for that vm in cloudmin. Workaround was to change Host Systems -> Network Options and then IP address allocation ranges: add both network bridges with ip ranges, and also Bridges on host system for KVM interfaces: pick the two bridge interfaces, here br1 and br3. When I deleted and recreated the vm once again, that time I picked "New System" -> "KVM Host Settings" -> "Host and networking options": selected "Manually entered addresses below .." and filled in the ip addresses and gateways for each br.

Here it comes /etc/sysconfig/network-interfaces/ifcfg-eth0:

[root@ali2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0

Intel Corporation 82540EM Gigabit Ethernet Controller

DEVICE=eth0 BOOTPROTO=static BROADCAST=10.30.0.255 HWADDR=02:54:00:D7:50:57 IPADDR=10.30.0.130 IPV6INIT=yes IPV6_AUTOCONF=yes NETMASK=255.255.255.0 NETWORK=10.30.0.0 ONBOOT=yes

[root@ali2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1

Intel Corporation 82540EM Gigabit Ethernet Controller

DEVICE=eth1 BOOTPROTO=static HWADDR=02:54:00:D7:50:58 IPADDR=172.16.1.130 NETMASK=255.255.255.0 ONBOOT=yes

Submitted by steen on Wed, 03/16/2016 - 10:05

Hello Folks!

This problems remains for Centos 5.11. I just replicated the problem again. Server created and all looks fine, also network interfaces is working, but not visible from cloudmin.

cloudmin list-interfaces --host ali2.vm.radio2.ing-steen.se Failed to list interfaces : sh: ip: command not found

Lists all network interfaces on some virtual system.

cloudmin list-interfaces --host hostname [--multiline | --address-only] [root@redstar kvm]#

[root@redstar kvm]# cloudmin list-interfaces --host ali3.vm.radio2.ing-steen.se Interface Address Netmask Use

eth0 172.16.1.131 255.255.255.0 Primary network interface

What is problem here ?

Submitted by JamieCameron on Thu, 03/17/2016 - 00:55

What does the ifconfig -a command output on this VM?

Submitted by steen on Sun, 03/20/2016 - 04:36

[root@ali2 ~]# ifconfig -a eth0 Link encap:Ethernet HWaddr 02:54:00:D7:50:57
inet addr:194.218.206.131 Bcast:194.218.206.143 Mask:255.255.255.240 inet6 addr: fe80::54:ff:fed7:5057/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:28471039 errors:0 dropped:0 overruns:0 frame:0 TX packets:28784704 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2339956135 (2.1 GiB) TX bytes:3888516831 (3.6 GiB)

eth1 Link encap:Ethernet HWaddr 02:54:00:D7:50:58
inet addr:172.16.1.130 Bcast:172.16.1.255 Mask:255.255.255.0 inet6 addr: fe80::54:ff:fed7:5058/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2470286 errors:0 dropped:0 overruns:0 frame:0 TX packets:2593784 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:326570380 (311.4 MiB) TX bytes:1852636108 (1.7 GiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:116 errors:0 dropped:0 overruns:0 frame:0 TX packets:116 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:26382 (25.7 KiB) TX bytes:26382 (25.7 KiB)

sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Submitted by steen on Sun, 03/20/2016 - 04:49

I use a special user to fetch the config from guest, it uses ssh-key login and sudo. It works for the other guests which are Centos 7 and Centos 6. But for Centos 5.11 it always fails to fetch network interfaces after build.

I saw something appearing a few days ago, but can not find it back again. it was something like "su: command not found" while fetching interfaces or creating, I do not remember.

Submitted by JamieCameron on Sun, 03/20/2016 - 12:02

Ok, that may be a problem - if Cloudmin cannot run commands as root on the guest, it isn't going to be able to run ifconfig properly.

If you select the guest from the left menu and go to System Operations -> Run Commands and run ifconfig -a , do you get the exact same output?

Submitted by JamieCameron on Sun, 03/20/2016 - 12:03

Also, in general we recommend allowing Cloudmin to SSH in directly as root. Using a sudo-capable user doesn't work as well, because it isn't possible to directly scp files with root permissions.

Submitted by steen on Tue, 03/22/2016 - 16:20

Command history

ifconfig -a sh: ifconfig: command not found

Okey, it does not find ifconfig.

Lets try and see what this is: [vmadmin@ali2 ~]$ whereis ifconfig ifconfig: /sbin/ifconfig /usr/share/man/man8/ifconfig.8.gz [vmadmin@ali2 ~]$ ifconfig -a -bash: ifconfig: command not found

So the sudo user vmadmin's environment does not find ifconfig command.

[vmadmin@ali2 ~]$ sudo /sbin/ifconfig -a eth0 Link encap:Ethernet HWaddr 02:54:00:D7:50:57
inet addr:194.218.206.131 Bcast:194.218.206.143 Mask:255.255.255.240 inet6 addr: fe80::54:ff:fed7:5057/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:83887997 errors:0 dropped:0 overruns:0 frame:0 TX packets:84331287 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2335096746 (2.1 GiB) TX bytes:563508108 (537.4 MiB)

eth1 Link encap:Ethernet HWaddr 02:54:00:D7:50:58
inet addr:172.16.1.130 Bcast:172.16.1.255 Mask:255.255.255.0 inet6 addr: fe80::54:ff:fed7:5058/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4145301 errors:0 dropped:0 overruns:0 frame:0 TX packets:4347798 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:542353623 (517.2 MiB) TX bytes:3088898731 (2.8 GiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:162 errors:0 dropped:0 overruns:0 frame:0 TX packets:162 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:35317 (34.4 KiB) TX bytes:35317 (34.4 KiB)

sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

On the old Centos 5.11 we now add the path variable from root to its own path variable and try again in ~vmadmin/.bash_profile: PATH=$PATH:/sbin:/usr/sbin:/usr/local/sbin

root@redstar ~]# ssh -t -p 1999 -i vmadmin.key vmadmin@ali2 "sudo ifconfig -a" sudo: ifconfig: command not found Connection to alit closed.

But it did not help, result is still the same...

So now we remove the ssh-key and enable direct root logins to see what happens.

This worked, so now we know that.

There is one more known sudo security thing, "Defaults requiretty"

root@redstar ~]# ssh -t -p 1999 -i vmadmin.key vmadmin@ali2 "sudo ifconfig -a" sudo: ifconfig: command not found Connection to alit closed.

So it was not that either.

It is likely related to the sudo user vmadmin environment that is not set when logging in using ssh in none interactive mode.

This is no good, direct root login should not be used, root logins only on consoles....

Eventually the solution is something like this link: http://apple.stackexchange.com/questions/23633/source-profile-and-bashrc... but I did not have time to sit play with it this time, someone ?

Submitted by JamieCameron on Tue, 03/22/2016 - 21:38

Ok, that's the problem - if the ifconfig command isn't in the path, Cloudmin won't be able to run it.

BTW, a direct SSH login as root is no less secure than a login as a user who can sudo to root without an additional password.

Submitted by steen on Wed, 03/23/2016 - 03:47

with one little addition, if the sudo user missbehave you can easely lock/limit its permissions without changing root password or key. anthow, it now works and we are happy